CVE-2023-42551

Summary

Use of implicit intent for sensitive communication vulnerability in startTncActivity in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Account privilege.

Affected Software

VendorProductVersion RangeStatus
Samsung MobileSamsung Account14.5.00.7unaffected

Weaknesses

  • CWE-927 : Use of Implicit Intent for Sensitive Communication

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References