Samsung Assistant PushMsgReceiver Improper Auth (JS Interface) <8.7.00.1
CVE-2023-30736 Published on October 4, 2023
Improper authorization in PushMsgReceiver of Samsung Assistant prior to version 8.7.00.1 allows attacker to execute javascript interface. To trigger this vulnerability, user interaction is required.
Vulnerability Analysis
CVE-2023-30736 is exploitable with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have a small impact on confidentiality, a small impact on integrity, and a small impact on availability.
Products Associated with CVE-2023-30736
Want to know whenever a new CVE is published for Samsung Assistant? stack.watch will email you.
Affected Versions
Samsung Mobile Samsung Assistant Version 8.7.00.1 is unaffected by CVE-2023-30736Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.