CVE-2023-21453 — Improper Input Validation in Mobile Devices

CWE-20 — Improper Input Validation3 documents3 sources

Severity

5.5MEDIUMNVD

CNA6.0

EPSS

0.1%

top 84.73%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Samsung Mobile Devices Samsung Android

Timeline

PublishedMar 16

Description

Improper input validation vulnerability in SoftSim TA prior to SMR Mar-2023 Release 1 allows local attackers access to protected data.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

▶CVEListV5samsung_mobile/samsung_mobile_devicesSelected Android 13 devices — SMR Mar-2023 Release 1

▶NVDsamsung/android13.0

🔴Vulnerability Details

CVEList

CVE-2023-21453: Improper input validation vulnerability in SoftSim TA prior to SMR Mar-2023 Release 1 allows local attackers access to protected data↗2023-03-16

▶

GHSA

GHSA-7q68-9ffx-5v8q: Improper input validation vulnerability in SoftSim TA prior to SMR Mar-2023 Release 1 allows local attackers access to protected data↗2023-03-16

▶