CVE-2023-21444 HIGH

CVE-2023-21444

Vendor Samsung Mobile

Product Samsung Flow for PC

Weakness CWE-326 · Weak encryption

Published February 9, 2023

Last update March 24, 2025

CVSS base score

7.5/10

Attack vector Adjacent

Attack complexity High

Privileges required None

User interaction None

Confidentiality High

Integrity High

CVSS vector

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

Improper cryptographic implementation in Samsung Flow for PC 4.9.14.0 allows adjacent attackers to decrypt encrypted messages or inject commands.

Key dates

February 9, 2023 CVE published

March 24, 2025 Record updated

External resources

Related vulnerabilities

CVE CVE-2023-21444

CWE CWE-326

CVSS 7.5 / HIGH

Vendor Samsung Mobile

Product Samsung Flow for PC

Affected ≥ unspecified and < 4.9.14.0