CVSS: 4.0EPSS: 0%CPEs: 128EXPL: 0CVE-2023-21429
https://notcve.org/view.php?id=CVE-2023-21429
Improper usage of implict intent in ePDG prior to SMR JAN-2023 Release 1 allows attacker to access SSID. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=01 • CWE-285: Improper Authorization •
CVSS: 5.5EPSS: 0%CPEs: 78EXPL: 0CVE-2023-21435
https://notcve.org/view.php?id=CVE-2023-21435
Exposure of Sensitive Information vulnerability in Fingerprint TA prior to SMR Feb-2023 Release 1 allows attackers to access the memory address information via log. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=02 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 6.2EPSS: 0%CPEs: 78EXPL: 0CVE-2023-21446
https://notcve.org/view.php?id=CVE-2023-21446
Improper input validation in MyFiles prior to version 12.2.09 in Android R(11), 13.1.03.501 in Android S( 12) and 14.1.00.422 in Android T(13) allows local attacker to access data of MyFiles. • https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=02 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 78EXPL: 0CVE-2023-21445
https://notcve.org/view.php?id=CVE-2023-21445
Improper access control vulnerability in MyFiles prior to versions 12.2.09 in Android R(11), 13.1.03.501 in Android S(12) and 14.1.00.422 in Android T(13) allows local attacker to write file with MyFiles privilege via implicit intent. • https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=02 • CWE-284: Improper Access Control CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 5.7EPSS: 0%CPEs: 63EXPL: 0CVE-2023-21422
https://notcve.org/view.php?id=CVE-2023-21422
Improper authorization vulnerability in semAddPublicDnsAddr in WifiSevice prior to SMR Jan-2023 Release 1 allows attackers to set custom DNS server without permission via binding WifiService. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=01 • CWE-285: Improper Authorization CWE-863: Incorrect Authorization •