CVSS: 7.1EPSS: 0%CPEs: 51EXPL: 0CVE-2023-21489
https://notcve.org/view.php?id=CVE-2023-21489
Heap out-of-bounds write vulnerability in bootloader prior to SMR May-2023 Release 1 allows a physical attacker to execute arbitrary code. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=05 • CWE-787: Out-of-bounds Write •
CVSS: 8.2EPSS: 0%CPEs: 8EXPL: 0CVE-2023-21499
https://notcve.org/view.php?id=CVE-2023-21499
Out-of-bounds write vulnerability in TA_Communication_mpos_encrypt_pin in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to execute arbitrary code. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=05 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 24EXPL: 0CVE-2023-21502
https://notcve.org/view.php?id=CVE-2023-21502
Improper input validation vulnerability in FactoryTest application prior to SMR May-2023 Release 1 allows local attackers to get privilege escalation via debugging commands. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=05 • CWE-20: Improper Input Validation •
CVSS: 8.5EPSS: 0%CPEs: 24EXPL: 0CVE-2023-21491
https://notcve.org/view.php?id=CVE-2023-21491
Improper access control vulnerability in ThemeManager prior to SMR May-2023 Release 1 allows local attackers to write arbitrary files with system privilege. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=05 • CWE-284: Improper Access Control •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-21506
https://notcve.org/view.php?id=CVE-2023-21506
Out-of-bounds Write vulnerability while processing BC_TUI_CMD_SEND_RESOURCE_DATA_ARRAY command in bc_tui trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to execute arbitrary code. • https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=05 • CWE-787: Out-of-bounds Write •