← Volver a CVEs
CVE-2023-42576
MEDIUM5.4
Descripcion
Improper Authentication vulnerability in Samsung Pass prior to version 4.3.00.17 allows physical attackers to bypass authentication due to invalid exception handler.
Detalles CVE
Puntuacion CVSS v3.15.4
SeveridadMEDIUM
Vector CVSSCVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N
Vector de ataquePHYSICAL
ComplejidadLOW
Privilegios requeridosHIGH
Interaccion usuarioREQUIRED
Publicado12/5/2023
Ultima modificacion11/21/2024
Fuentenvd
Avistamientos honeypot0
Productos afectados
samsung:pass
Debilidades (CWE)
CWE-287
Referencias
https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=12(mobile.security@samsung.com)
https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=12(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.