CVE-2023-42539
CVSS 3.1 Score 5.5 of 10 (medium)
Details
Summary
CVE-2023-42539 is a vulnerability affecting Samsung Health's ChallengeNotificationManager prior to version 6.25. This issue enables local attackers to hijack PendingIntents, allowing them unauthorized access to sensitive data. The vulnerability exists within the notification management system and can be exploited by attackers who have gained a foothold on the device. Successful exploitation could result in the theft or manipulation of confidential information. Users are strongly advised to update their Samsung Health application to the latest version to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Samsung Health
Affected Vendors
- Samsung