CVE-2023-30671

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Jul 6, 2023

Updated: Nov 7, 2023

Summary

CVE-2023-30671 is a newly disclosed vulnerability affecting the package installation process via adb (Android Debug Bridge) command. Prior to the Jul-2023 Release 1 of SMR (Security Maintenance Release), a logic error existed, enabling local attackers to manipulate the installation and downgrade applications to potentially vulnerable versions. This issue could lead to significant security risks, making it crucial for users to update their systems as soon as possible.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Samsung Android

Affected Vendors

Samsung

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/r5F1Fe
https://www.cve.org/CVERecord?id=CVE-2023-30671
https://nvd.nist.gov/vuln/detail/CVE-2023-30671

Back to Vulnerability Database