CVSS: 7.8EPSS: 0%CPEs: 69EXPL: 0CVE-2023-30712
https://notcve.org/view.php?id=CVE-2023-30712
06 Sep 2023 — Improper input validation in Settings Suggestions prior to SMR Sep-2023 Release 1 allows attackers to launch arbitrary activity. Validación de entrada incorrecta en Settings Suggestions anterior a SMR Sep-2023 Release 1 permite a los atacantes lanzar una actividad arbitraria. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=09 • CWE-20: Improper Input Validation •
CVSS: 4.0EPSS: 0%CPEs: 69EXPL: 0CVE-2023-30711
https://notcve.org/view.php?id=CVE-2023-30711
06 Sep 2023 — Improper authentication in Phone and Messaging Storage SMR SEP-2023 Release 1 allows attacker to insert arbitrary data to the provider. Una vulnerabilidad de autenticación incorrecta en Phone and Messaging Storage SMR SEP-2023 Release 1 permite a un atacante insertar datos arbitrarios en el proveedor. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=09 •
CVSS: 8.5EPSS: 0%CPEs: 69EXPL: 0CVE-2023-30710
https://notcve.org/view.php?id=CVE-2023-30710
06 Sep 2023 — Improper input validation vulnerability in Knox AI prior to SMR Sep-2023 Release 1 allows local attackers to launch privileged activities. Vulnerabilidad de validación de entrada incorrecta en Knox AI anterior a SMR Sep-2023 Release 1 permite a atacantes locales iniciar actividades privilegiadas. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=09 •
CVSS: 7.9EPSS: 0%CPEs: 69EXPL: 0CVE-2023-30709
https://notcve.org/view.php?id=CVE-2023-30709
06 Sep 2023 — Improper access control in Dual Messenger prior to SMR Sep-2023 Release 1 allows local attackers launch activity with system privilege. Una vulnerabilidad de control de acceso inadecuado en Dual Messenger anterior a SMR Sep-2023 Release 1 permite a los atacantes locales iniciar actividades con privilegios del sistema. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=09 •
CVSS: 7.8EPSS: 0%CPEs: 69EXPL: 0CVE-2023-30708
https://notcve.org/view.php?id=CVE-2023-30708
06 Sep 2023 — Improper authentication in SecSettings prior to SMR Sep-2023 Release 1 allows attacker to access Captive Portal Wi-Fi in Reactivation Lock status. Una autenticación inadecuada en SecSettings anterior a SMR Sep-2023 Release 1 permite al atacante a acceder al portal cautivo Wi-Fi en el estado de bloqueo de reactivación. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=09 • CWE-287: Improper Authentication •
CVSS: 7.1EPSS: 0%CPEs: 69EXPL: 0CVE-2023-30707
https://notcve.org/view.php?id=CVE-2023-30707
06 Sep 2023 — Improper input validation vulnerability in FileProviderStatusReceiver in Samsung Keyboard prior to SMR Sep-2023 Release 1 allows local attackers to delete arbitrary files with Samsung Keyboard privilege. Una vulnerabilidad de validación de entrada inadecuada en "FileProviderStatusReceiver" en Samsung Keyboard anterior a SMR Sep-2023 Release 1 permite a los atacantes locales eliminar archivos arbitrarios con el privilegio de Samsung Keyboard. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=09 •
CVSS: 7.5EPSS: 0%CPEs: 69EXPL: 0CVE-2023-30706
https://notcve.org/view.php?id=CVE-2023-30706
06 Sep 2023 — Improper authorization in Samsung Keyboard prior to SMR Sep-2023 Release 1 allows attacker to read arbitrary file with system privilege. Autorización incorrecta en Samsung Keyboard anterior a SMR Sep-2023 Release 1 permite al atacante leer archivos arbitrarios con privilegios del sistema. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=09 •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-32805
https://notcve.org/view.php?id=CVE-2023-32805
04 Sep 2023 — In power, there is a possible out of bounds write due to an insecure default value. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08102892; Issue ID: ALPS08102892. En power, existe una posible escritura fuera de límites debido a un valor predeterminado inseguro. • https://corp.mediatek.com/product-security-bulletin/September-2023 • CWE-787: Out-of-bounds Write •
CVSS: 6.3EPSS: 0%CPEs: 3EXPL: 0CVE-2023-20851
https://notcve.org/view.php?id=CVE-2023-20851
04 Sep 2023 — In stc, there is a possible out of bounds read due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08048635; Issue ID: ALPS08048635. En el componente stc, hay una posible lectura fuera de límites debido a una condición de carrera. • https://corp.mediatek.com/product-security-bulletin/September-2023 • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 13EXPL: 0CVE-2023-20850
https://notcve.org/view.php?id=CVE-2023-20850
04 Sep 2023 — In imgsys_cmdq, there is a possible out of bounds write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07340433; Issue ID: ALPS07340381. En imgsys_cmdq, existe una posible escritura fuera de límites debido a que falta una verificación de rango válido. • https://corp.mediatek.com/product-security-bulletin/September-2023 • CWE-787: Out-of-bounds Write •