CVE-2023-21441 HIGH

CVE-2023-21441

Vendor Samsung Mobile
Product Routine
Weakness CWE-345
Published February 9, 2023
Last update March 24, 2025

CVSS base score

7.4/10
Attack vector Local
Attack complexity High
Privileges required None
User interaction Required
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N

What the vulnerability does

01Description

Insufficient Verification of Data Authenticity vulnerability in Routine prior to versions 2.6.30.6 in Android Q(10), 3.1.21.10 in Android R(11) and 3.5.2.23 in Android S(12) allows local attacker to access protected files via unused code.

Key dates

02Disclosure timeline

February 9, 2023 CVE published
March 24, 2025 Record updated