CVE-2023-30686

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Aug 10, 2023

Updated: Nov 7, 2023

CWE ID 787

Summary

CVE-2023-30686 is a critical vulnerability affecting libsec-ril before the SMR Aug-2023 Release 1. An out-of-bounds write issue exists in the ReqDataRaw function, which a local attacker can exploit to execute arbitrary code. This vulnerability poses a significant risk, as an attacker can potentially gain control of the affected system and perform malicious actions. It is highly recommended that users apply the patch released by SMR to mitigate this issue and protect their systems.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Samsung Android

Affected Vendors

Samsung

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sRrgqD
https://www.cve.org/CVERecord?id=CVE-2023-30686
https://nvd.nist.gov/vuln/detail/CVE-2023-30686

Back to Vulnerability Database