CVE-2023-30720

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Sep 6, 2023

Updated: Nov 7, 2023

Summary

CVE-2023-30720 is a newly disclosed vulnerability that affects the LmsAssemblyTrackerCTC component in systems prior to the Sep-2023 Release 1. This issue permits a local attacker to perform PendingIntent hijacking on the vulnerable system, granting them arbitrary file access. Successful exploitation could lead to unauthorized data manipulation or disclosure. The exact cause of the vulnerability is still under investigation, but it is recommended that affected systems be updated to the latest release as soon as possible to mitigate the risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Samsung Android

Affected Vendors

Samsung

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sk4KG1
https://www.cve.org/CVERecord?id=CVE-2023-30720
https://nvd.nist.gov/vuln/detail/CVE-2023-30720

Back to Vulnerability Database