Vulnerabilities > CVE-2023-30702 - Out-of-bounds Write vulnerability in Samsung products

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

samsung

CWE-787

NVD

Published: 2023-08-10

Updated: 2023-11-07

Summary

Stack overflow vulnerability in SSHDCPAPP TA prior to "SAMSUNG ELECTONICS, CO, LTD. - System Hardware Update - 7/13/2023" in Windows Update for Galaxy book Go, Galaxy book Go 5G, Galaxy book2 Go and Galaxy book2 Pro 360 allows local attacker to execute arbitrary code.

Vulnerable Configurations

Part	Description	Count
OS	Samsung Samsung Galaxy Book GO Firmware - Samsung Galaxy Book GO 5G Firmware - Samsung Galaxy Book2 GO Firmware - Samsung Galaxy Book2 PRO 360 Firmware -	4
Hardware	Samsung Samsung Galaxy Book GO - Samsung Galaxy Book GO 5G - Samsung Galaxy Book2 GO - Samsung Galaxy Book2 PRO 360 -	4

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=08