CVE-2023-21499
https://notcve.org/view.php?id=CVE-2023-21499
Out-of-bounds write vulnerability in TA_Communication_mpos_encrypt_pin in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to execute arbitrary code. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=05 • CWE-787: Out-of-bounds Write •
CVE-2023-21485
https://notcve.org/view.php?id=CVE-2023-21485
Improper export of android application components vulnerability in VideoPreviewActivity in Call Settings to SMR May-2023 Release 1 allows physical attackers to access some media data stored in sandbox. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=05 • CWE-926: Improper Export of Android Application Components •
CVE-2023-21496
https://notcve.org/view.php?id=CVE-2023-21496
Active Debug Code vulnerability in ActivityManagerService prior to SMR May-2023 Release 1 allows attacker to use debug function via setting debug level. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=05 • CWE-489: Active Debug Code •
CVE-2023-21501
https://notcve.org/view.php?id=CVE-2023-21501
Improper input validation vulnerability in mPOS fiserve trustlet prior to SMR May-2023 Release 1 allows local attackers to execute arbitrary code. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=05 • CWE-20: Improper Input Validation •
CVE-2023-21490
https://notcve.org/view.php?id=CVE-2023-21490
Improper access control in GearManagerStub prior to SMR May-2023 Release 1 allows a local attacker to delete applications installed by watchmanager. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=05 • CWE-284: Improper Access Control •