CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-42543
https://notcve.org/view.php?id=CVE-2023-42543
Improper verification of intent by broadcast receiver vulnerability in Bixby Voice prior to version 3.3.35.12 allows attackers to access arbitrary data with Bixby Voice privilege. La verificación inadecuada de la intención mediante la vulnerabilidad del receptor de transmisión en Bixby Voice antes de la versión 3.3.35.12 permite a los atacantes acceder a datos arbitrarios con privilegios de Bixby Voice. • https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=11 •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2021-25398
https://notcve.org/view.php?id=CVE-2021-25398
Intent redirection vulnerability in Bixby Voice prior to version 3.1.12 allows attacker to access contacts. Una vulnerabilidad de redireccionamiento de intent en Bixby Voice versiones anteriores a 3.1.12, permite a un atacante acceder a los contactos • https://security.samsungmobile.com/serviceWeb.smsb?year=2021&month=5 • CWE-561: Dead Code •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-25352
https://notcve.org/view.php?id=CVE-2021-25352
Using PendingIntent with implicit intent in Bixby Voice prior to version 3.0.52.14 allows attackers to execute privileged action by hijacking and modifying the intent. Usar un PendingIntent con intención implícita en Bixby Voice versiones anteriores a 3.0.52.14, permite a atacantes ejecutar acciones privilegiadas al secuestrar y modificar la intención • https://security.samsungmobile.com https://security.samsungmobile.com/serviceWeb.smsb • CWE-285: Improper Authorization CWE-668: Exposure of Resource to Wrong Sphere •