Vulnerabilities > Samsung > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-05 | CVE-2023-42561 | Out-of-bounds Write vulnerability in Samsung Android 11.0/14.0 Heap out-of-bounds write vulnerability in bootloader prior to SMR Dec-2023 Release 1 allows a physical attacker to execute arbitrary code. | 6.8 |
| 2023-12-05 | CVE-2023-42564 | Unspecified vulnerability in Samsung Android 12.0/13.0/14.0 Improper access control in knoxcustom service prior to SMR Dec-2023 Release 1 allows attacker to send broadcast with system privilege. | 5.5 |
| 2023-12-05 | CVE-2023-42565 | Unspecified vulnerability in Samsung Android 13.0/14.0 Improper input validation vulnerability in Smart Clip prior to SMR Dec-2023 Release 1 allows local attackers with shell privilege to execute arbitrary code. | 6.7 |
| 2023-12-05 | CVE-2023-42568 | Unspecified vulnerability in Samsung Android 12.0/13.0 Improper access control vulnerability in SmartManagerCN prior to SMR Dec-2023 Release 1 allows local attackers to access arbitrary files with system privilege. | 4.4 |
| 2023-12-05 | CVE-2023-42571 | Unspecified vulnerability in Samsung Find MY Mobile Abuse of remote unlock in Find My Mobile prior to version 7.3.13.4 allows physical attacker to unlock the device remotely by resetting the Samsung Account password with SMS verification when user lost the device. low complexity samsung | 6.8 |
| 2023-12-05 | CVE-2023-42572 | Unspecified vulnerability in Samsung Account web Software Development KIT Implicit intent hijacking vulnerability in Samsung Account Web SDK prior to version 1.5.24 allows attacker to get sensitive information. | 5.5 |
| 2023-12-05 | CVE-2023-42573 | Unspecified vulnerability in Samsung Search Widget PendingIntent hijacking vulnerability in Search Widget prior to version 3.4 in China models allows local attackers to access data. | 5.5 |
| 2023-12-05 | CVE-2023-42575 | Incorrect Authorization vulnerability in Samsung Pass 4.0.05.1/4.2.03.1 Improper Authentication vulnerability in Samsung Pass prior to version 4.3.00.17 allows physical attackers to bypass authentication due to invalid flag setting. | 6.8 |
| 2023-12-05 | CVE-2023-42576 | Improper Authentication vulnerability in Samsung Pass 4.0.05.1/4.2.03.1 Improper Authentication vulnerability in Samsung Pass prior to version 4.3.00.17 allows physical attackers to bypass authentication due to invalid exception handler. | 6.8 |
| 2023-12-05 | CVE-2023-42579 | Cleartext Transmission of Sensitive Information vulnerability in Samsung Keyboard Improper usage of insecure protocol (i.e. | 5.3 |