← Zuruck zu CVEs
CVE-2023-30738
MEDIUM5.5
Beschreibung
An improper input validation in UEFI Firmware prior to Firmware update Oct-2023 Release in Galaxy Book, Galaxy Book Pro, Galaxy Book Pro 360 and Galaxy Book Odyssey allows local attacker to execute SMM memory corruption.
CVE Details
CVSS v3.1 Bewertung5.5
SchweregradMEDIUM
CVSS VektorCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
AngriffsvektorLOCAL
KomplexitatLOW
Erforderliche PrivilegienLOW
BenutzerinteraktionNONE
Veroffentlicht10/4/2023
Zuletzt geandert11/21/2024
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
samsung:galaxy_booksamsung:galaxy_book_firmwaresamsung:galaxy_book_odysseysamsung:galaxy_book_odyssey_firmwaresamsung:galaxy_book_prosamsung:galaxy_book_pro_360samsung:galaxy_book_pro_360_firmwaresamsung:galaxy_book_pro_firmware
Referenzen
https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=10(mobile.security@samsung.com)
https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=10(af854a3a-2127-422b-91ae-364da2661108)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.