CVE-2023-21493 MEDIUM

CVE-2023-21493

Vendor Samsung Mobile

Product Samsung Mobile Devices

Weakness CWE-284

Published May 4, 2023

Last update February 12, 2025

CVSS base score

6.8/10

Attack vector Local

Attack complexity Low

Privileges required None

User interaction None

Confidentiality High

Integrity Low

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

What the vulnerability does

01Description

Improper access control vulnerability in SemShareFileProvider prior to SMR May-2023 Release 1 allows local attackers to access protected data.

Key dates

May 4, 2023 CVE published

February 12, 2025 Record updated

External resources

Related vulnerabilities

CVE CVE-2023-21493

CWE CWE-284

CVSS 6.8 / MEDIUM

Vendor Samsung Mobile

Product Samsung Mobile Devices

Affected ≥ Android 11, 12, 13 and < SMR May-2023 Release 1