CVE-2023-21425
https://notcve.org/view.php?id=CVE-2023-21425
Improper access control vulnerability in telecom application prior to SMR JAN-2023 Release 1 allows local attackers to get sensitive information. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=01 • CWE-287: Improper Authentication •
CVE-2023-21421
https://notcve.org/view.php?id=CVE-2023-21421
Improper Handling of Insufficient Permissions or Privileges vulnerability in KnoxCustomManagerService prior to SMR Jan-2023 Release 1 allows attacker to access device SIM PIN. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=01 • CWE-269: Improper Privilege Management CWE-280: Improper Handling of Insufficient Permissions or Privileges •
CVE-2023-21441
https://notcve.org/view.php?id=CVE-2023-21441
Insufficient Verification of Data Authenticity vulnerability in Routine prior to versions 2.6.30.6 in Android Q(10), 3.1.21.10 in Android R(11) and 3.5.2.23 in Android S(12) allows local attacker to access protected files via unused code. • https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=02 • CWE-345: Insufficient Verification of Data Authenticity •
CVE-2023-21420
https://notcve.org/view.php?id=CVE-2023-21420
Use of Externally-Controlled Format String vulnerabilities in STST TA prior to SMR Jan-2023 Release 1 allows arbitrary code execution. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=01 • CWE-134: Use of Externally-Controlled Format String •
CVE-2022-47452
https://notcve.org/view.php?id=CVE-2022-47452
In gnss driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in wlan services. • https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210 • CWE-787: Out-of-bounds Write •