CVE-2023-30704

EPSS 0.06%
Published 10.08.2023 02:15:12
Last modified 21.11.2024 08:00:43
Source mobile.security@samsung.com
Teams watchlist Login
Open Login

Improper Authorization vulnerability in Samsung Internet prior to version 22.0.0.35 allows physical attacker access downloaded files in Secret Mode without user authentication.

Affected products Warnungen 0 Metrics 3 CWE 0 References 4

Data is provided by the National Vulnerability Database (NVD)

Samsung ≫ Internet Version < 22.0.0.35

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.06%	0.19

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	4.6	0.9	3.6	CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
mobile.security@samsung.com	3.8	0.2	3.6	CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N

https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=08

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2023-30704

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-30704

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-30704

EUVD