Lucene search

Samsung MobileCVE-2023-30721

HistorySep 06, 2023 - 4:15 a.m.

CVE-2023-30721

2023-09-0604:15:15

CWE-532

Samsung Mobile

web.nvd.nist.gov

cve-2023-30721

vulnerability

locksettings

smr sep-2023 release 1

log insertion

sensitive information

privileged attacker

local attacker

CVSS3

4.4

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

AI Score

4.3

Confidence

High

EPSS

Percentile

5.1%

JSON

Insertion of sensitive information into log vulnerability in Locksettings prior to SMR Sep-2023 Release 1 allows a privileged local attacker to get lock screen match information from the log.

Affected configurations

Nvd

Node

samsungandroidMatch11.0-

samsungandroidMatch11.0smr-apr-2021-r1

samsungandroidMatch11.0smr-apr-2022-r1

samsungandroidMatch11.0smr-apr-2023-r1

samsungandroidMatch11.0smr-aug-2021-r1

samsungandroidMatch11.0smr-aug-2022-r1

samsungandroidMatch11.0smr-aug-2023-r1

samsungandroidMatch11.0smr-dec-2020-r1

samsungandroidMatch11.0smr-dec-2021-r1

samsungandroidMatch11.0smr-dec-2022-r1

samsungandroidMatch11.0smr-feb-2021-r1

samsungandroidMatch11.0smr-feb-2022-r1

samsungandroidMatch11.0smr-feb-2023-r1

samsungandroidMatch11.0smr-jan-2021-r1

samsungandroidMatch11.0smr-jan-2022-r1

samsungandroidMatch11.0smr-jan-2023-r1

samsungandroidMatch11.0smr-jul-2021-r1

samsungandroidMatch11.0smr-jul-2022-r1

samsungandroidMatch11.0smr-jul-2023-r1

samsungandroidMatch11.0smr-jun-2021-r1

samsungandroidMatch11.0smr-jun-2022-r1

samsungandroidMatch11.0smr-jun-2023-r1

samsungandroidMatch11.0smr-mar-2021-r1

samsungandroidMatch11.0smr-mar-2022-r1

samsungandroidMatch11.0smr-mar-2023-r1

samsungandroidMatch11.0smr-may-2021-r1

samsungandroidMatch11.0smr-may-2022-r1

samsungandroidMatch11.0smr-may-2023-r1

samsungandroidMatch11.0smr-nov-2021-r1

samsungandroidMatch11.0smr-nov-2022-r1

samsungandroidMatch11.0smr-oct-2021-r1

samsungandroidMatch11.0smr-oct-2022-r1

samsungandroidMatch11.0smr-sep-2021-r1

samsungandroidMatch11.0smr-sep-2022-r1

samsungandroidMatch12.0-

samsungandroidMatch12.0smr-apr-2022-r1

samsungandroidMatch12.0smr-apr-2023-r1

samsungandroidMatch12.0smr-aug-2022-r1

samsungandroidMatch12.0smr-aug-2023-r1

samsungandroidMatch12.0smr-dec-2021-r1

samsungandroidMatch12.0smr-dec-2022-r1

samsungandroidMatch12.0smr-feb-2022-r1

samsungandroidMatch12.0smr-feb-2023-r1

samsungandroidMatch12.0smr-jan-2022-r1

samsungandroidMatch12.0smr-jan-2023-r1

samsungandroidMatch12.0smr-jul-2022-r1

samsungandroidMatch12.0smr-jul-2023-r1

samsungandroidMatch12.0smr-jun-2022-r1

samsungandroidMatch12.0smr-jun-2023-r1

samsungandroidMatch12.0smr-mar-2022-r1

samsungandroidMatch12.0smr-mar-2023-r1

samsungandroidMatch12.0smr-may-2022-r1

samsungandroidMatch12.0smr-may-2023-r1

samsungandroidMatch12.0smr-nov-2021-r1

samsungandroidMatch12.0smr-nov-2022-r1

samsungandroidMatch12.0smr-oct-2022-r1

samsungandroidMatch12.0smr-sep-2022-r1

samsungandroidMatch13.0-

samsungandroidMatch13.0smr-apr-2023-r1

samsungandroidMatch13.0smr-aug-2023-r1

samsungandroidMatch13.0smr-dec-2022-r1

samsungandroidMatch13.0smr-feb-2023-r1

samsungandroidMatch13.0smr-jan-2023-r1

samsungandroidMatch13.0smr-jul-2023-r1

samsungandroidMatch13.0smr-jun-2023-r1

samsungandroidMatch13.0smr-mar-2023-r1

samsungandroidMatch13.0smr-may-2023-r1

samsungandroidMatch13.0smr-nov-2022-r1

samsungandroidMatch13.0smr-oct-2022-r1

VendorProductVersionCPE
samsungandroid11.0cpe:2.3:o:samsung:android:11.0:-:*:*:*:*:*:*
samsungandroid11.0cpe:2.3:o:samsung:android:11.0:smr-apr-2021-r1:*:*:*:*:*:*
samsungandroid11.0cpe:2.3:o:samsung:android:11.0:smr-apr-2022-r1:*:*:*:*:*:*
samsungandroid11.0cpe:2.3:o:samsung:android:11.0:smr-apr-2023-r1:*:*:*:*:*:*
samsungandroid11.0cpe:2.3:o:samsung:android:11.0:smr-aug-2021-r1:*:*:*:*:*:*
samsungandroid11.0cpe:2.3:o:samsung:android:11.0:smr-aug-2022-r1:*:*:*:*:*:*
samsungandroid11.0cpe:2.3:o:samsung:android:11.0:smr-aug-2023-r1:*:*:*:*:*:*
samsungandroid11.0cpe:2.3:o:samsung:android:11.0:smr-dec-2020-r1:*:*:*:*:*:*
samsungandroid11.0cpe:2.3:o:samsung:android:11.0:smr-dec-2021-r1:*:*:*:*:*:*
samsungandroid11.0cpe:2.3:o:samsung:android:11.0:smr-dec-2022-r1:*:*:*:*:*:*

Vendor	Product	Version	CPE
samsung	android	11.0	cpe:2.3:o:samsung:android:11.0:-::::::
samsung	android	11.0	cpe:2.3:o:samsung:android:11.0:smr-apr-2021-r1::::::
samsung	android	11.0	cpe:2.3:o:samsung:android:11.0:smr-apr-2022-r1::::::
samsung	android	11.0	cpe:2.3:o:samsung:android:11.0:smr-apr-2023-r1::::::
samsung	android	11.0	cpe:2.3:o:samsung:android:11.0:smr-aug-2021-r1::::::
samsung	android	11.0	cpe:2.3:o:samsung:android:11.0:smr-aug-2022-r1::::::
samsung	android	11.0	cpe:2.3:o:samsung:android:11.0:smr-aug-2023-r1::::::
samsung	android	11.0	cpe:2.3:o:samsung:android:11.0:smr-dec-2020-r1::::::
samsung	android	11.0	cpe:2.3:o:samsung:android:11.0:smr-dec-2021-r1::::::
samsung	android	11.0	cpe:2.3:o:samsung:android:11.0:smr-dec-2022-r1::::::

Rows per page:

1-10 of 691

CNA Affected

[
  {
    "vendor": "Samsung Mobile",
    "product": "Samsung Mobile Devices",
    "versions": [
      {
        "status": "unaffected",
        "version": "SMR Sep-2023 Release in Android 11, 12, 13"
      }
    ],
    "defaultStatus": "affected"
  }
]

References

security.samsungmobile.com/securityUpdate.smsb?year=2023&month=09

CVSS3

4.4

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

AI Score

4.3

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for CVE-2023-30721