CVE-2023-30712 — Improper Input Validation in Samsung Android

CWE-20 — Improper Input Validation3 documents3 sources

Severity

7.8HIGHNVD

CNA6.8

EPSS

0.1%

top 72.38%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Samsung Android

Timeline

PublishedSep 6

Description

Improper input validation in Settings Suggestions prior to SMR Sep-2023 Release 1 allows attackers to launch arbitrary activity.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages1 packages

▶NVDsamsung/android11.0, 12.0, 13.0+2

🔴Vulnerability Details

CVEList

CVE-2023-30712: Improper input validation in Settings Suggestions prior to SMR Sep-2023 Release 1 allows attackers to launch arbitrary activity↗2023-09-06

▶

GHSA

GHSA-r2m5-2rj9-xx5j: Improper input validation in Settings Suggestions prior to SMR Sep-2023 Release 1 allows attackers to launch arbitrary activity↗2023-09-06

▶