Vulnerabilities > CVE-2023-21438 - Exposure of Resource to Wrong Sphere vulnerability in Samsung Android 11.0/12.0

Attack vector

PHYSICAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

LOW

Integrity impact

NONE

Availability impact

NONE

low complexity

NVD

Published: 2023-02-09

Updated: 2023-02-21

Summary

Improper logic in HomeScreen prior to SMR Feb-2023 Release 1 allows physical attacker to access App preview protected by Secure Folder.

Vulnerable Configurations

Part	Description	Count
OS	Samsung Samsung Android 11.0 Samsung Android 12.0	63

Common Weakness Enumeration (CWE)

CWE-668 - Exposure of Resource to Wrong Sphere

References

https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=02

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.