CVE-2023-42575 MEDIUM

CVE-2023-42575

Published December 5, 2023
Last update October 15, 2024

CVSS base score

5.4/10
Attack vector Physical
Attack complexity Low
Privileges required High
User interaction Required
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N

What the vulnerability does

01Description

Improper Authentication vulnerability in Samsung Pass prior to version 4.3.00.17 allows physical attackers to bypass authentication due to invalid flag setting.

Key dates

02Disclosure timeline

December 5, 2023 CVE published
October 15, 2024 Record updated