CVE-2023-42542

CVSS 3.1 Score 3.3 of 10 (low)

Details

Published Nov 7, 2023
Updated: Nov 14, 2023

Summary

CVE-2023-42542 is an improper access control vulnerability affecting Samsung Push Service prior to version 3.4.10. This issue permits local attackers to gain unauthorized access to the register ID, which can be used to identify specific devices. By exploiting this vulnerability, attackers can potentially bypass security measures and gain unintended access to sensitive information associated with the affected device. This vulnerability poses a significant risk to users' privacy and security. Samsung is strongly advised to apply the necessary patch to mitigate this issue and prevent potential attacks.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share