CVE-2023-30640

CVSS 3.1 Score 3.3 of 10 (low)

Details

Published Jul 6, 2023

Updated: Nov 7, 2023

Summary

CVE-2023-30640 is an improper access control vulnerability affecting the PersonaManagerService prior to the Jul-2023 Release 1. This issue grants local attackers the ability to modify configuration settings, potentially leading to unintended and unauthorized changes. The vulnerability could result in significant consequences, depending on the specific impacted configuration. It is strongly recommended that affected organizations apply the necessary patches to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Samsung Android

Affected Vendors

Samsung

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/r5E2Az
https://www.cve.org/CVERecord?id=CVE-2023-30640
https://nvd.nist.gov/vuln/detail/CVE-2023-30640

Back to Vulnerability Database