CVE-2023-42571
First published: Tue Dec 05 2023(Updated: )
Abuse of remote unlock in Find My Mobile prior to version 7.3.13.4 allows physical attacker to unlock the device remotely by resetting the Samsung Account password with SMS verification when user lost the device.
Credit: mobile.security@samsung.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Samsung Find My Mobile | <7.3.13.4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2023-42571?
CVE-2023-42571 is classified as a high severity vulnerability.
How do I fix CVE-2023-42571?
To fix CVE-2023-42571, update Samsung Find My Mobile to version 7.3.13.4 or higher.
What does CVE-2023-42571 exploit?
CVE-2023-42571 exploits the ability to remotely unlock devices by resetting Samsung Account passwords via SMS verification.
Who is affected by CVE-2023-42571?
Users of Samsung Find My Mobile versions prior to 7.3.13.4 are affected by CVE-2023-42571.
Can I still use Find My Mobile if affected by CVE-2023-42571?
Yes, you can still use Find My Mobile, but it is highly recommended to update to the latest version for security.
- collector/nvd-api
- agent/type
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/weakness
- agent/author
- agent/severity
- agent/references
- agent/tags
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- vendor/samsung
- canonical/samsung find my mobile