Vulnerabilities > CVE-2023-21440 - Inclusion of Functionality from Untrusted Control Sphere vulnerability in Samsung Android 13.0

047910
CVSS 5.5 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
NONE
local
low complexity
samsung
CWE-829
NVD
Published: 2023-02-09
Updated: 2023-02-21

Summary

Improper access control vulnerability in WindowManagerService prior to SMR Feb-2023 Release 1 allows attackers to take a screen capture.

Vulnerable Configurations

Part Description Count
OS
Samsung
15

Common Weakness Enumeration (CWE)

References