CVE-2023-30675
First published: Thu Jul 06 2023(Updated: )
Improper authentication in Samsung Pass prior to version 4.2.03.1 allows local attacker to access stored account information when Samsung Wallet is not installed.
Credit: mobile.security@samsung.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Samsung Pass | <4.2.03.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2023-30675.
What is the severity of CVE-2023-30675?
The severity of CVE-2023-30675 is medium with a CVSS score of 5.5.
What is the affected software?
The affected software is Samsung Pass prior to version 4.2.03.1.
How can a local attacker exploit CVE-2023-30675?
A local attacker can exploit CVE-2023-30675 by accessing stored account information when Samsung Wallet is not installed.
Is there a solution for CVE-2023-30675?
Yes, upgrading to Samsung Pass version 4.2.03.1 or later resolves CVE-2023-30675.
- collector/nvd-index
- agent/references
- agent/author
- agent/severity
- agent/type
- agent/weakness
- agent/description
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/samsung
- canonical/samsung pass