exploitDog

CVE-2023-42571

Опубликовано: 05 дек. 2023

Источник: nvd

CVSS3: 7.6

CVSS3: 6.8

EPSS Низкий

Описание

Abuse of remote unlock in Find My Mobile prior to version 7.3.13.4 allows physical attacker to unlock the device remotely by resetting the Samsung Account password with SMS verification when user lost the device.

Ссылки

https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=12
Vendor Advisory
https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=12
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:samsung:find_my_mobile:*:*:*:*:*:*:*:*

Версия до 7.3.13.4 (исключая)

EPSS

Процентиль: 45%

0.00224

Низкий

7.6 High

CVSS3

6.8 Medium

CVSS3

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-g8j6-372w-jg3p

CVSS3: 7.6

github

около 2 лет назад

Abuse of remote unlock in Find My Mobile prior to version 7.3.13.4 allows physical attacker to unlock the device remotely by resetting the Samsung Account password with SMS verification when user lost the device.

EPSS

Процентиль: 45%

0.00224

Низкий

7.6 High

CVSS3

6.8 Medium

CVSS3

Дефекты

NVD-CWE-noinfo