CVE-2023-21462Insertion of Sensitive Information Into Debugging Code in Mobile Quick Share Agent

CWE-215Insertion of Sensitive Information Into Debugging Code3 documents3 sources
Severity
3.3LOWNVD
CNA4.2
EPSS
0.1%
top 84.69%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Samsung Mobile Quick Share AgentSamsung Quick Share
Timeline
PublishedMar 16

Description

The sensitive information exposure vulnerability in Quick Share Agent prior to versions 3.5.14.18 in Android 12 and 3.5.16.20 in Android 13 allows to local attacker to access MAC address without related permission.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 1.8 | Impact: 1.4

Affected Packages2 packages

CVEListV5samsung_mobile/quick_share_agentunspecified3.5.14.18 in Android 12 and 3.5.16.20 in Android 13
NVDsamsung/quick_share< 3.5.14.18+1

🔴Vulnerability Details

2
CVEList
CVE-2023-21462: The sensitive information exposure vulnerability in Quick Share Agent prior to versions 32023-03-16
GHSA
GHSA-v958-rf72-rpxh: The sensitive information exposure vulnerability in Quick Share Agent prior to versions 32023-03-16
CVE-2023-21462 — Mobile Quick Share Agent vulnerability | cvebase