CVE-2023-30677
First published: Thu Jul 06 2023(Updated: )
Improper access control vulnerability in Samsung Pass prior to version 4.2.03.1 allows physical attackers to access data of Samsung Pass on a certain state of an unlocked device.
Credit: mobile.security@samsung.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Samsung Pass | <4.2.03.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability in Samsung Pass?
The vulnerability is an improper access control vulnerability in Samsung Pass.
What is the severity of CVE-2023-30677?
The severity of CVE-2023-30677 is medium with a severity value of 4.6.
How can physical attackers exploit the vulnerability?
Physical attackers can exploit the vulnerability to access data of Samsung Pass on a certain state of an unlocked device.
Which version of Samsung Pass is affected by the vulnerability?
Samsung Pass prior to version 4.2.03.1 is affected by the vulnerability.
Is there a fix available for CVE-2023-30677?
Yes, updating to Samsung Pass version 4.2.03.1 or higher will fix the vulnerability.
- collector/nvd-index
- agent/weakness
- agent/references
- agent/author
- agent/severity
- agent/type
- agent/description
- agent/event
- agent/tags
- agent/last-modified-date
- agent/first-publish-date
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- vendor/samsung
- canonical/samsung pass