CVE-2023-30684

CVSS 3.1 Score 3.3 of 10 (low)

Details

Published Aug 10, 2023
Updated: Nov 7, 2023

Summary

CVE-2023-30684 is a newly identified vulnerability affecting Samsung Telecom. This issue involves a lack of adequate access control in the system prior to the SMR Aug-2023 Release 1. Local attackers can exploit this vulnerability to call the acceptRingingCall API unauthorizedly, potentially leading to system compromise or unintended call handling. The implications of this weakness could range from privacy breaches to more severe consequences such as unauthorized call redirects or interception of calls. Samsung is advising users to apply the latest software update to mitigate the risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share