CVE-2023-42536

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Nov 7, 2023

Updated: Mar 12, 2024

CWE ID 125

CWE ID 787

Summary

CVE-2023-42536 is a vulnerability affecting the saped_dec function in the libsaped library, prior to the Nov-2023 Release 1. This issue stems from inadequate input validation, enabling local attackers to manipulate data and trigger out-of-bounds read and write operations. The consequences of exploitation could potentially lead to system crashes or data corruption, making it crucial for users to apply the necessary security update.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Samsung Android

Affected Vendors

Samsung

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sqI43m
https://www.cve.org/CVERecord?id=CVE-2023-42536
https://nvd.nist.gov/vuln/detail/CVE-2023-42536

Back to Vulnerability Database