Vulnerabilities > Samsung > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-05 | CVE-2023-42565 | Unspecified vulnerability in Samsung Android 13.0/14.0 Improper input validation vulnerability in Smart Clip prior to SMR Dec-2023 Release 1 allows local attackers with shell privilege to execute arbitrary code. | 6.7 |
| 2023-12-05 | CVE-2023-42568 | Unspecified vulnerability in Samsung Android 12.0/13.0 Improper access control vulnerability in SmartManagerCN prior to SMR Dec-2023 Release 1 allows local attackers to access arbitrary files with system privilege. | 4.4 |
| 2023-12-05 | CVE-2023-42571 | Unspecified vulnerability in Samsung Find MY Mobile Abuse of remote unlock in Find My Mobile prior to version 7.3.13.4 allows physical attacker to unlock the device remotely by resetting the Samsung Account password with SMS verification when user lost the device. low complexity samsung | 6.8 |
| 2023-12-05 | CVE-2023-42572 | Unspecified vulnerability in Samsung Account web Software Development KIT Implicit intent hijacking vulnerability in Samsung Account Web SDK prior to version 1.5.24 allows attacker to get sensitive information. | 5.5 |
| 2023-12-05 | CVE-2023-42573 | Unspecified vulnerability in Samsung Search Widget PendingIntent hijacking vulnerability in Search Widget prior to version 3.4 in China models allows local attackers to access data. | 5.5 |
| 2023-12-05 | CVE-2023-42575 | Incorrect Authorization vulnerability in Samsung Pass 4.0.05.1/4.2.03.1 Improper Authentication vulnerability in Samsung Pass prior to version 4.3.00.17 allows physical attackers to bypass authentication due to invalid flag setting. | 6.8 |
| 2023-12-05 | CVE-2023-42576 | Improper Authentication vulnerability in Samsung Pass 4.0.05.1/4.2.03.1 Improper Authentication vulnerability in Samsung Pass prior to version 4.3.00.17 allows physical attackers to bypass authentication due to invalid exception handler. | 6.8 |
| 2023-12-05 | CVE-2023-42579 | Cleartext Transmission of Sensitive Information vulnerability in Samsung Keyboard Improper usage of insecure protocol (i.e. | 5.3 |
| 2023-11-08 | CVE-2023-41270 | Improper Restriction of Excessive Authentication Attempts vulnerability in Samsung Ue40D7000 Firmware Tgapdeuc1033.2 Improper Restriction of Excessive Authentication Attempts vulnerability in Samsung Smart TV UE40D7000 version T-GAPDEUC-1033.2 and before allows attackers to cause a denial of service via WPS attack tools. | 4.3 |
| 2023-11-07 | CVE-2023-42527 | Improper Input Validation vulnerability in Samsung Android 11.0/12.0 Improper input validation vulnerability in ProcessWriteFile of libsec-ril prior to SMR Nov-2023 Release 1 allows local attackers to expose sensitive information. | 5.5 |