CVSS: 7.1EPSS: 0%CPEs: 51EXPL: 0CVE-2023-21490
https://notcve.org/view.php?id=CVE-2023-21490
Improper access control in GearManagerStub prior to SMR May-2023 Release 1 allows a local attacker to delete applications installed by watchmanager. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=05 • CWE-284: Improper Access Control •
CVSS: 8.6EPSS: 0%CPEs: 1EXPL: 0CVE-2023-21505
https://notcve.org/view.php?id=CVE-2023-21505
Improper access control in Samsung Core Service prior to version 2.1.00.36 allows attacker to write arbitrary file in sandbox. • https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=05 • CWE-285: Improper Authorization •
CVSS: 5.1EPSS: 0%CPEs: 51EXPL: 0CVE-2023-21487
https://notcve.org/view.php?id=CVE-2023-21487
Improper access control vulnerability in Telephony framework prior to SMR May-2023 Release 1 allows local attackers to change a call setting. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=05 • CWE-287: Improper Authentication •
CVSS: 6.8EPSS: 0%CPEs: 50EXPL: 0CVE-2023-21493
https://notcve.org/view.php?id=CVE-2023-21493
Improper access control vulnerability in SemShareFileProvider prior to SMR May-2023 Release 1 allows local attackers to access protected data. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=05 • CWE-284: Improper Access Control •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-21507
https://notcve.org/view.php?id=CVE-2023-21507
Out-of-bounds Read vulnerability while processing BC_TUI_CMD_SEND_RESOURCE_DATA_ARRAY command in bc_tui trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to read arbitrary memory. • https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=05 • CWE-125: Out-of-bounds Read •