Vulnerabilities > Samsung > Android > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-04 | CVE-2023-21490 | Unspecified vulnerability in Samsung Android 11.0/12.0/13.0 Improper access control in GearManagerStub prior to SMR May-2023 Release 1 allows a local attacker to delete applications installed by watchmanager. | 7.1 |
| 2023-05-04 | CVE-2023-21491 | Unspecified vulnerability in Samsung Android 12.0/13.0 Improper access control vulnerability in ThemeManager prior to SMR May-2023 Release 1 allows local attackers to write arbitrary files with system privilege. | 7.8 |
| 2023-05-04 | CVE-2023-21497 | Use of Externally-Controlled Format String vulnerability in Samsung Android 13.0 Use of externally-controlled format string vulnerability in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to access the memory address. | 7.8 |
| 2023-05-04 | CVE-2023-21498 | Improper Input Validation vulnerability in Samsung Android 13.0 Improper input validation vulnerability in setPartnerTAInfo in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to overwrite the trustlet memory. | 7.8 |
| 2023-05-04 | CVE-2023-21499 | Out-of-bounds Write vulnerability in Samsung Android 13.0 Out-of-bounds write vulnerability in TA_Communication_mpos_encrypt_pin in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to execute arbitrary code. | 7.8 |
| 2023-05-04 | CVE-2023-21501 | Improper Input Validation vulnerability in Samsung Android 13.0 Improper input validation vulnerability in mPOS fiserve trustlet prior to SMR May-2023 Release 1 allows local attackers to execute arbitrary code. | 7.8 |
| 2023-05-04 | CVE-2023-21502 | Improper Input Validation vulnerability in Samsung Android 12.0/13.0 Improper input validation vulnerability in FactoryTest application prior to SMR May-2023 Release 1 allows local attackers to get privilege escalation via debugging commands. | 7.8 |
| 2023-03-16 | CVE-2023-21457 | Unspecified vulnerability in Samsung Android 11.0/12.0/13.0 Improper access control vulnerability in Bluetooth prior to SMR Mar-2023 Release 1 allows attackers to send file via Bluetooth without related permission. low complexity samsung | 8.1 |
| 2023-02-09 | CVE-2023-21420 | Use of Externally-Controlled Format String vulnerability in Samsung Android 10.0/11.0 Use of Externally-Controlled Format String vulnerabilities in STST TA prior to SMR Jan-2023 Release 1 allows arbitrary code execution. | 7.8 |
| 2023-02-09 | CVE-2023-21421 | Improper Privilege Management vulnerability in Samsung Android 10.0/11.0 Improper Handling of Insufficient Permissions or Privileges vulnerability in KnoxCustomManagerService prior to SMR Jan-2023 Release 1 allows attacker to access device SIM PIN. | 7.8 |