CVE-2023-30684
CVSS 3.1 Score 3.3 of 10 (low)
Details
Summary
CVE-2023-30684 is a newly identified vulnerability affecting Samsung Telecom. This issue involves a lack of adequate access control in the system prior to the SMR Aug-2023 Release 1. Local attackers can exploit this vulnerability to call the acceptRingingCall API unauthorizedly, potentially leading to system compromise or unintended call handling. The implications of this weakness could range from privacy breaches to more severe consequences such as unauthorized call redirects or interception of calls. Samsung is advising users to apply the latest software update to mitigate the risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Samsung Android
Affected Vendors
- Samsung