CVE-2023-30657

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Jul 6, 2023

Updated: Nov 7, 2023

CWE ID 20

Summary

CVE-2023-30657 is a vulnerability affecting EnhancedAttestationResult prior to the Jul-2023 Release 1. Attackers can exploit this improper input validation issue to launch privileged activities locally. This means that an attacker who has already gained access to the system can potentially escalate their privileges, leading to significant security risks. Organizations using the affected version are encouraged to update as soon as possible to mitigate this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Samsung Android

Affected Vendors

Samsung

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/r5FvNP
https://www.cve.org/CVERecord?id=CVE-2023-30657
https://nvd.nist.gov/vuln/detail/CVE-2023-30657

Back to Vulnerability Database