CVE-2023-21447

Improper access control vulnerabilities in Samsung Cloud prior to version 5.3.0.32 allows local attackers to access information with Samsung Cloud's privilege via implicit intent...

CVE-2023-21437

Improper access control vulnerability in Phone application prior to SMR Feb-2023 Release 1 allows local attackers to access sensitive information via implicit broadcast...

CVE-2023-21429

Improper usage of implict intent in ePDG prior to SMR JAN-2023 Release 1 allows attacker to access SSID...

CVE-2023-21429

Improper usage of implict intent in ePDG prior to SMR JAN-2023 Release 1 allows attacker to access SSID...

Improper access control

Improper access control vulnerabilities in Samsung Cloud prior to version 5.3.0.32 allows local attackers to access information with Samsung Cloud's privilege via implicit intent...

Improper access control

Improper access control vulnerability in MyFiles prior to versions 12.2.09 in Android R11, 13.1.03.501 in Android S12 and 14.1.00.422 in Android T13 allows local attacker to write file with MyFiles privilege via implicit intent...

Improper access control

Improper access control vulnerability in Phone application prior to SMR Feb-2023 Release 1 allows local attackers to access sensitive information via implicit broadcast...

Design/Logic Flaw

Improper usage of implicit intent in Contacts prior to SMR Feb-2023 Release 1 allows attacker to get account ID...

CVE-2023-21436

CVE-2023-21436 affects Samsung Contacts prior to SMR Feb-2023 Release 1, due to improper usage of implicit intents that allows a local attacker to obtain an account ID. Connected sources indicate the issue impacts Samsung Mobile devices and that updates addressing it were included in SMR Feb-2023...

SAMSUNG Cloud 安全漏洞

SAMSUNG Cloud is an application from the South Korean company Samsung SAMSUNG. It is used to provide a feature to save and view images. A security vulnerability exists in SAMSUNG Cloud prior to version 5.3.0.32, which stems from the presence of an Improper Access Control vulnerability that can be...

CVE-2023-21429

Improper usage of implict intent in ePDG prior to SMR JAN-2023 Release 1 allows attacker to access SSID...

CVE-2023-21437

Improper access control vulnerability in Phone application prior to SMR Feb-2023 Release 1 allows local attackers to access sensitive information via implicit broadcast...

CVE-2023-21437

CVE-2023-21437 affects the Samsung Phone application prior to SMR Feb-2023 Release 1. The root cause is improper access control, enabling local attackers to access sensitive information via implicit broadcast. Impact is described as exposure of sensitive data with local attacker access and no use...

CVE-2023-21445

CVE-2023-21445 concerns an improper access control vulnerability in Samsung MyFiles. Affected platforms include Android R (11) versions prior to 12.2.09, Android S (12) prior to 13.1.03.501, and Android T (13) prior to 14.1.00.422. The flaw allows a local attacker to write a file with MyFiles pri...

PT-2023-18202 · Contacts · Contacts

Name of the Vulnerable Software and Affected Versions: Contacts versions prior to SMR Feb-2023 Release 1 Description: The issue is related to the improper usage of implicit intent in Contacts, which allows an attacker to obtain an account ID. Recommendations: For versions prior to SMR Feb-2023...

CVE-2023-21436

Improper usage of implicit intent in Contacts prior to SMR Feb-2023 Release 1 allows attacker to get account ID...

CVE-2023-21447

Improper access control vulnerabilities in Samsung Cloud prior to version 5.3.0.32 allows local attackers to access information with Samsung Cloud's privilege via implicit intent...

SAMSUNG Mobile devices 安全漏洞

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, and more, from the South Korean company Samsung SAMSUNG. SAMSUNG Mobile devices Android R11 before 12.2.09, Android S12 before 13.1.03.501, and Android T13 before 14.1.00.422 contain a security...

The patch is not sufficient: there is another insidious exploit that can cause the same critical consequences

Lines of code Vulnerability details Status Has been reported to and confirmed by Jeff ENS team Note to the Judge I am not sure whether I should label this as a newly-identified High or a mitigation hard error. The root cause of this issue seems as same as the original report, but this requires us...

CVE-2022-39915

Improper access control vulnerability in Calendar prior to versions 11.6.08.0 in Android Q10, 12.2.11.3000 in Android R11, 12.3.07.2000 in Android S12, and 12.4.02.0 in Android T13 allows attackers to access sensitive information via implicit intent...