CVE-2023-21464 MEDIUM

CVE-2023-21464

Vendor Samsung Mobile
Product Samsung Calendar
Weakness CWE-281
Published March 16, 2023
Last update August 2, 2024

CVSS base score

4.0/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction None
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

What the vulnerability does

01Description

Improper access control in Samsung Calendar prior to versions 12.4.02.9000 in Android 13 and 12.3.08.2000 in Android 12 allows local attacker to configure improper status.

Key dates

02Disclosure timeline

March 16, 2023 CVE published
August 2, 2024 Record updated