CVE-2023-42540
CVSS 3.1 Score 5.5 of 10 (medium)
Details
Published Nov 7, 2023
Updated: Nov 14, 2023
Summary
CVE-2023-42540 is a serious access control vulnerability affecting Samsung Account versions prior to 14.5.01.1. This issue grants unauthorized access to sensitive user information through an implicit intent, allowing attackers to bypass intended security restrictions and potentially gain unlimited access to account data. The vulnerability represents a significant privacy risk for Samsung Account users and necessitates immediate updates to mitigate this issue. Samsung is urged to address this problem promptly to prevent further exploitation.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Samsung Account
Affected Vendors
- Samsung