CVE-2023-30642

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Jul 6, 2023

Updated: Nov 7, 2023

CWE ID 269

Summary

CVE-2023-30642 is a privilege management vulnerability affecting the Galaxy Themes Service before the SMR Jul-2023 Release 1. This issue grants local attackers the ability to call privileged functions, potentially leading to unauthorized access or system manipulation. The vulnerability occurs due to inadequate access controls in the service, putting Samsung Galaxy devices at risk. It is strongly recommended that users install the latest software update to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Samsung Android

Affected Vendors

Samsung

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/r5FpHS
https://www.cve.org/CVERecord?id=CVE-2023-30642
https://nvd.nist.gov/vuln/detail/CVE-2023-30642

Back to Vulnerability Database