Samsung Mobile Samsung Mobile Devices vQ(10), R(11), S(12), T(13) - 9 CVEs

CVE-2023-21437

Improper access control vulnerability in Phone application prior to SMR Feb-2023 Release 1 allows local attackers to access sensitive information via implicit broadcast.

MEDIUM CVSS 4.0 Published Feb 09, 2023

CVE-2023-21421

Improper Handling of Insufficient Permissions or Privileges vulnerability in KnoxCustomManagerService prior to SMR Jan-2023 Release 1 allows attacker to access device SIM PIN.

MEDIUM CVSS 5.9 Published Feb 09, 2023

CVE-2023-21436

Improper usage of implicit intent in Contacts prior to SMR Feb-2023 Release 1 allows attacker to get account ID.

LOW CVSS 3.3 Published Feb 09, 2023

CVE-2023-21429

Improper usage of implict intent in ePDG prior to SMR JAN-2023 Release 1 allows attacker to access SSID.

MEDIUM CVSS 4.0 Published Feb 09, 2023

CVE-2023-21430

An out-of-bound read vulnerability in mapToBuffer function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR JAN-2023 Release 1 allows attacker to cause memory access fault.

MEDIUM CVSS 4.4 Published Feb 09, 2023

CVE-2023-21425

Improper access control vulnerability in telecom application prior to SMR JAN-2023 Release 1 allows local attackers to get sensitive information.

MEDIUM CVSS 4.3 Published Feb 09, 2023

CVE-2022-39898

Improper access control vulnerability in IIccPhoneBook prior to SMR Dec-2022 Release 1 allows attackers to access some information of usim.

MEDIUM CVSS 4.0 Published Dec 08, 2022

CVE-2022-39906

Improper access control vulnerability in SecTelephonyProvider prior to SMR Dec-2022 Release 1 allows attackers to access message information.

LOW CVSS 2.3 Published Dec 08, 2022

CVE-2022-39905

Implicit intent hijacking vulnerability in Telecom application prior to SMR Dec-2022 Release 1 allows attacker to access sensitive information via implicit intent.