CVE-2023-30651

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Jul 6, 2023

Updated: Nov 7, 2023

CWE ID 787

Summary

CVE-2023-30651 is a newly disclosed vulnerability that affects the callgetTspsysfs function of the sysinput HAL service. Prior to the SMR Jul-2023 Release 1, this function suffered from an out-of-bounds read and write issue. An attacker who can locally exploit this vulnerability can execute arbitrary code, posing a significant risk to system security. This issue highlights the importance of timely software updates to mitigate known vulnerabilities and protect against potential attacks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Samsung Android

Affected Vendors

Samsung

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/r5FpIx
https://www.cve.org/CVERecord?id=CVE-2023-30651
https://nvd.nist.gov/vuln/detail/CVE-2023-30651

Back to Vulnerability Database