CVE-2023-42532
CVSS 3.1 Score 7.5 of 10 (high)
Details
Published Nov 7, 2023
Updated: Nov 13, 2023
CWE ID 295
Summary
CVE-2023-42532 is a new vulnerability affecting FotaAgent before the SMR Nov-2023 Release1. The issue involves improper certificate validation, enabling a remote attacker to intercept network traffic. This includes sensitive firmware information, posing a significant risk to system security. An attacker can capitalize on this vulnerability to gain unauthorized access to confidential data, potentially leading to serious consequences. Organizations using FotaAgent are encouraged to update to the latest release to mitigate this threat.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Samsung Android
Affected Vendors
- Samsung