Samsung Internet <=22.0.0.35 Improper Auth: Access files in Secret Mode
CVE-2023-30704 Published on August 10, 2023

Improper Authorization vulnerability in Samsung Internet prior to version 22.0.0.35 allows physical attacker access downloaded files in Secret Mode without user authentication.

NVD

Vulnerability Analysis

CVE-2023-30704 is exploitable with physical access, and requires user privileges. This vulnerability is consided to have a high level of attack complexity. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Attack Vector:

PHYSICAL

Attack Complexity:

HIGH

Privileges Required:

HIGH

User Interaction:

NONE

Scope:

UNCHANGED

Confidentiality Impact:

HIGH

Integrity Impact:

NONE

Availability Impact:

NONE

Products Associated with CVE-2023-30704

Want to know whenever a new CVE is published for Samsung Internet? stack.watch will email you.

Samsung Internet

Affected Versions

Samsung Mobile Samsung Internet Version 22.0.0.35 is unaffected by CVE-2023-30704

Exploit Probability

EPSS

0.07%

Percentile

20.11%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

Samsung Internet <=22.0.0.35 Improper Auth: Access files in Secret ModeCVE-2023-30704 Published on August 10, 2023

Vulnerability Analysis

Products Associated with CVE-2023-30704

Affected Versions

Exploit Probability

Samsung Internet <=22.0.0.35 Improper Auth: Access files in Secret Mode
CVE-2023-30704 Published on August 10, 2023