CVE-2023-21426
https://notcve.org/view.php?id=CVE-2023-21426
Hardcoded AES key to encrypt cardemulation PINs in NFC prior to SMR Jan-2023 Release 1 allows attackers to access cardemulation PIN. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=01 • CWE-798: Use of Hard-coded Credentials •
CVE-2023-21437
https://notcve.org/view.php?id=CVE-2023-21437
Improper access control vulnerability in Phone application prior to SMR Feb-2023 Release 1 allows local attackers to access sensitive information via implicit broadcast. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=02 • CWE-287: Improper Authentication •
CVE-2023-21436
https://notcve.org/view.php?id=CVE-2023-21436
Improper usage of implicit intent in Contacts prior to SMR Feb-2023 Release 1 allows attacker to get account ID. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=02 • CWE-285: Improper Authorization •
CVE-2023-21429
https://notcve.org/view.php?id=CVE-2023-21429
Improper usage of implict intent in ePDG prior to SMR JAN-2023 Release 1 allows attacker to access SSID. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=01 • CWE-285: Improper Authorization •
CVE-2022-47452
https://notcve.org/view.php?id=CVE-2022-47452
In gnss driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in wlan services. • https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210 • CWE-787: Out-of-bounds Write •