Lucene search

K
cveSamsung MobileCVE-2023-30702
HistoryAug 10, 2023 - 2:15 a.m.

CVE-2023-30702

2023-08-1002:15:12
CWE-787
Samsung Mobile
web.nvd.nist.gov
20
cve-2023-30702
stack overflow
sshdcpapp ta
samsung electronics
system hardware update
windows update
galaxy book go
galaxy book go 5g
galaxy book2 go
galaxy book2 pro 360
local attacker
arbitrary code
nvd

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.8

Confidence

High

EPSS

0

Percentile

5.1%

Stack overflow vulnerability in SSHDCPAPP TA prior to "SAMSUNG ELECTONICS, CO, LTD. - System Hardware Update - 7/13/2023" in Windows Update for Galaxy book Go, Galaxy book Go 5G, Galaxy book2 Go and Galaxy book2 Pro 360 allows local attacker to execute arbitrary code.

Affected configurations

Nvd
Node
samsunggalaxy_book_go_firmwareMatch-
AND
samsunggalaxy_book_goMatch-
Node
samsunggalaxy_book_go_5g_firmwareMatch-
AND
samsunggalaxy_book_go_5gMatch-
Node
samsunggalaxy_book2_go_firmwareMatch-
AND
samsunggalaxy_book2_goMatch-
Node
samsunggalaxy_book2_pro_360_firmwareMatch-
AND
samsunggalaxy_book2_pro_360Match-
VendorProductVersionCPE
samsunggalaxy_book_go_firmware-cpe:2.3:o:samsung:galaxy_book_go_firmware:-:*:*:*:*:*:*:*
samsunggalaxy_book_go-cpe:2.3:h:samsung:galaxy_book_go:-:*:*:*:*:*:*:*
samsunggalaxy_book_go_5g_firmware-cpe:2.3:o:samsung:galaxy_book_go_5g_firmware:-:*:*:*:*:*:*:*
samsunggalaxy_book_go_5g-cpe:2.3:h:samsung:galaxy_book_go_5g:-:*:*:*:*:*:*:*
samsunggalaxy_book2_go_firmware-cpe:2.3:o:samsung:galaxy_book2_go_firmware:-:*:*:*:*:*:*:*
samsunggalaxy_book2_go-cpe:2.3:h:samsung:galaxy_book2_go:-:*:*:*:*:*:*:*
samsunggalaxy_book2_pro_360_firmware-cpe:2.3:o:samsung:galaxy_book2_pro_360_firmware:-:*:*:*:*:*:*:*
samsunggalaxy_book2_pro_360-cpe:2.3:h:samsung:galaxy_book2_pro_360:-:*:*:*:*:*:*:*

CNA Affected

[
  {
    "vendor": "Samsung Mobile",
    "product": "Galaxy book Go, Galaxy book Go 5G, Galaxy book2 Go and Galaxy book2 Pro 360",
    "versions": [
      {
        "status": "unaffected",
        "version": ""SAMSUNG ELECTONICS, CO, LTD. - System Hardware Update - 7/13/2023""
      }
    ],
    "defaultStatus": "affected"
  }
]

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.8

Confidence

High

EPSS

0

Percentile

5.1%

Related for CVE-2023-30702