CVE-2023-42540

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Nov 7, 2023
Updated: Nov 14, 2023

Summary

CVE-2023-42540 is a serious access control vulnerability affecting Samsung Account versions prior to 14.5.01.1. This issue grants unauthorized access to sensitive user information through an implicit intent, allowing attackers to bypass intended security restrictions and potentially gain unlimited access to account data. The vulnerability represents a significant privacy risk for Samsung Account users and necessitates immediate updates to mitigate this issue. Samsung is urged to address this problem promptly to prevent further exploitation.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share