CVE-2023-30704

CVSS 3.1 Score 4.6 of 10 (medium)

Details

Published Aug 10, 2023
Updated: Nov 7, 2023

Summary

CVE-2023-30704 is a vulnerability affecting Samsung Internet browsers prior to version 22.0.0.35. This issue involves improper authorization, allowing a physical attacker to bypass user authentication and gain unauthorized access to downloaded files in Secret Mode. This vulnerability poses a significant risk to user privacy and data security. Attackers can exploit this flaw to download sensitive files without the user's knowledge or consent. Users are advised to update their Samsung Internet browsers to the latest version to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Samsung Internet Browser

Affected Vendors

  • Samsung