Vulnerabilities > CVE-2023-30705 - Incorrect Authorization vulnerability in Samsung Galaxy Store 4.5.32.4/4.5.36.4/4.5.41.8

047910
CVSS 5.5 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
NONE
local
low complexity
samsung
CWE-863

Summary

Improper sanitization of incoming intent in Galaxy Store prior to version 4.5.56.6?allows local attackers to access privileged content providers as Galaxy Store permission.

Common Weakness Enumeration (CWE)