Vulnerabilities > CVE-2023-42550 - Unspecified vulnerability in Samsung Account

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

samsung

NVD

Published: 2023-11-07

Updated: 2023-11-13

Summary

Use of implicit intent for sensitive communication vulnerability in startSignIn in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Account privilege.

Vulnerable Configurations

Part	Description	Count
Application	Samsung Samsung Account - Samsung Account 10.7.07 Samsung Account 10.8.0.4 Samsung Account 12.1.1.3 Samsung Account 12.2.0.9 Samsung Account 13.1.0.1 Samsung Account 13.5.01.3	7

References

https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=11