CVE-2023-42578

Published Dec 5, 2023

Last updated a year ago

Overview

Description
Improper handling of insufficient permissions or privileges vulnerability in Samsung Data Store prior to version 5.2.00.7 allows remote attackers to access location information without permission.
Source
mobile.security@samsung.com
NVD status
Analyzed

Risk scores

CVSS 3.1

Type
Primary
Base score
7.5
Impact score
3.6
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Severity
HIGH

Weaknesses

nvd@nist.gov
CWE-755

Social media

Hype score
Not currently trending

Configurations