CVE-2023-42542
CVSS 3.1 Score 3.3 of 10 (low)
Details
Summary
CVE-2023-42542 is an improper access control vulnerability affecting Samsung Push Service prior to version 3.4.10. This issue permits local attackers to gain unauthorized access to the register ID, which can be used to identify specific devices. By exploiting this vulnerability, attackers can potentially bypass security measures and gain unintended access to sensitive information associated with the affected device. This vulnerability poses a significant risk to users' privacy and security. Samsung is strongly advised to apply the necessary patch to mitigate this issue and prevent potential attacks.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.