← back
CVE-2023-42548

CVE-2023-42548

CVSS 5.5 MEDIUMEPSS 0.4%
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 5.5EPSS 0.4%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
07 Nov 2023Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Use of implicit intent for sensitive communication vulnerability in startMandatoryCheckActivity in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Account privilege.
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Affected products
Samsung Mobile · Samsung Account

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=11