CVE-2023-21482

Summary

Missing authorization vulnerability in Camera prior to versions 11.1.02.18 in Android 11, 12.1.03.8 in Android 12 and 13.1.01.4 in Android 13 allows physical attackers to install package through Galaxy store before completion of Setup wizard.

Affected Software

VendorProductVersion RangeStatus
Samsung MobileSamsung Camera11.1.02.18 in Android 11, 12.1.03.8 in Android 12 and 13.1.01.4 in Android 13unaffected

Weaknesses

  • CWE-862 Missing Authorization

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References