CVE-2023-30675

Summary

Improper authentication in Samsung Pass prior to version 4.2.03.1 allows local attacker to access stored account information when Samsung Wallet is not installed.

Affected Software

VendorProductVersion RangeStatus
Samsung MobileSamsung Pass4.2.03.1unaffected

Weaknesses

  • CWE-287: Improper Authentication

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References