Vulnerabilities > Samsung

DATE CVE VULNERABILITY TITLE RISK
2023-03-16 CVE-2023-21452 Unspecified vulnerability in Samsung Android 11.0/12.0/13.0
Improper usage of implicit intent in Bluetooth prior to SMR Mar-2023 Release 1 allows attacker to get MAC address of connected device.
local
low complexity
samsung
3.3
2023-03-16 CVE-2023-21453 Improper Input Validation vulnerability in Samsung Android 13.0
Improper input validation vulnerability in SoftSim TA prior to SMR Mar-2023 Release 1 allows local attackers access to protected data.
local
low complexity
samsung CWE-20
5.5
2023-03-16 CVE-2023-21454 Unspecified vulnerability in Samsung Android 11.0/12.0/13.0
Improper authorization in Samsung Keyboard prior to SMR Mar-2023 Release 1 allows physical attacker to access users text history on the lockscreen.
low complexity
samsung
2.4
2023-03-16 CVE-2023-21455 Unspecified vulnerability in Samsung Exynos Firmware
Improper authorization implementation in Exynos baseband prior to SMR Mar-2023 Release 1 allows incorrect handling of unencrypted message.
network
low complexity
samsung
critical
9.1
2023-03-16 CVE-2023-21456 Path Traversal vulnerability in Samsung Android 11.0/12.0/13.0
Path traversal vulnerability in Galaxy Themes Service prior to SMR Mar-2023 Release 1 allows attacker to access arbitrary file with system uid.
local
low complexity
samsung CWE-22
5.5
2023-03-16 CVE-2023-21457 Unspecified vulnerability in Samsung Android 11.0/12.0/13.0
Improper access control vulnerability in Bluetooth prior to SMR Mar-2023 Release 1 allows attackers to send file via Bluetooth without related permission.
low complexity
samsung
8.1
2023-03-16 CVE-2023-21458 Improper Privilege Management vulnerability in Samsung Android 11.0/12.0/13.0
Improper privilege management vulnerability in PhoneStatusBarPolicy in System UI prior to SMR Mar-2023 Release 1 allows attacker to turn off Do not disturb via unprotected intent.
local
low complexity
samsung CWE-269
3.3
2023-03-16 CVE-2023-21459 Use After Free vulnerability in Samsung Android 11.0/12.0/13.0
Use after free vulnerability in decon driver prior to SMR Mar-2023 Release 1 allows attackers to cause memory access fault.
network
low complexity
samsung CWE-416
critical
9.8
2023-03-16 CVE-2023-21460 Improper Authentication vulnerability in Samsung Android 11.0/12.0/13.0
Improper authentication in SecSettings prior to SMR Mar-2023 Release 1 allows attacker to reset the setting.
local
low complexity
samsung CWE-287
4.4
2023-03-16 CVE-2023-21461 Unspecified vulnerability in Samsung Android 11.0/12.0/13.0
Improper authorization vulnerability in AutoPowerOnOffConfirmDialog in Settings prior to SMR Mar-2023 Release 1 allows local attacker to turn device off via unprotected activity.
local
low complexity
samsung
5.5