CVE-2023-21458
https://notcve.org/view.php?id=CVE-2023-21458
Improper privilege management vulnerability in PhoneStatusBarPolicy in System UI prior to SMR Mar-2023 Release 1 allows attacker to turn off Do not disturb via unprotected intent. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=03 • CWE-269: Improper Privilege Management •
CVE-2023-21463
https://notcve.org/view.php?id=CVE-2023-21463
Improper access control vulnerability in MyFiles application prior to versions 12.2.09.0 in Android 11, 13.1.03.501 in Android 12 and 14.1.03.0 in Android 13 allows local attacker to get sensitive information of secret mode in Samsung Internet application with specific conditions. • https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=03 • CWE-284: Improper Access Control •
CVE-2023-21459
https://notcve.org/view.php?id=CVE-2023-21459
Use after free vulnerability in decon driver prior to SMR Mar-2023 Release 1 allows attackers to cause memory access fault. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=03 • CWE-416: Use After Free •
CVE-2023-21449
https://notcve.org/view.php?id=CVE-2023-21449
Improper access control vulnerability in Call application prior to SMR Mar-2023 Release 1 allows local attackers to access sensitive information without proper permission. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=03 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2023-21460
https://notcve.org/view.php?id=CVE-2023-21460
Improper authentication in SecSettings prior to SMR Mar-2023 Release 1 allows attacker to reset the setting. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=03 • CWE-287: Improper Authentication •