Samsung Pass <4.2.03.1 Improper Auth Allows Local Access
CVE-2023-30675 Published on July 6, 2023

Improper authentication in Samsung Pass prior to version 4.2.03.1 allows local attacker to access stored account information when Samsung Wallet is not installed.

NVD

Vulnerability Analysis

CVE-2023-30675 can be exploited with local system access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.

Attack Vector:

LOCAL

Attack Complexity:

LOW

Privileges Required:

NONE

User Interaction:

NONE

Scope:

UNCHANGED

Confidentiality Impact:

NONE

Integrity Impact:

NONE

Availability Impact:

HIGH

Products Associated with CVE-2023-30675

stack.watch emails you whenever new vulnerabilities are published in Samsung Pass or Samsung Pass. Just hit a watch button to start following.

Samsung Pass

Affected Versions

Samsung Mobile Samsung Pass Version 4.2.03.1 is unaffected by CVE-2023-30675

Exploit Probability

EPSS

0.04%

Percentile

10.29%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

Samsung Pass <4.2.03.1 Improper Auth Allows Local AccessCVE-2023-30675 Published on July 6, 2023

Vulnerability Analysis

Products Associated with CVE-2023-30675

Affected Versions

Exploit Probability

Samsung Pass <4.2.03.1 Improper Auth Allows Local Access
CVE-2023-30675 Published on July 6, 2023