CVE-2023-42571Samsung Find MY Mobile vulnerability

3 documents3 sources
Severity
6.8MEDIUMNVD
CNA7.6
EPSS
0.2%
top 54.90%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Samsung Find MY Mobile
Timeline
PublishedDec 5

Description

Abuse of remote unlock in Find My Mobile prior to version 7.3.13.4 allows physical attacker to unlock the device remotely by resetting the Samsung Account password with SMS verification when user lost the device.

CVSS vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 0.9 | Impact: 5.9

Affected Packages1 packages

NVDsamsung/find_my_mobile< 7.3.13.4

🔴Vulnerability Details

2
CVEList
CVE-2023-42571: Abuse of remote unlock in Find My Mobile prior to version 72023-12-05
GHSA
GHSA-g8j6-372w-jg3p: Abuse of remote unlock in Find My Mobile prior to version 72023-12-05
CVE-2023-42571 — Samsung Find MY Mobile vulnerability | cvebase