CVE-2023-30738
Severity Score
7.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
Track
*SSVC
Descriptions
An improper input validation in UEFI Firmware prior to Firmware update Oct-2023 Release in Galaxy Book, Galaxy Book Pro, Galaxy Book Pro 360 and Galaxy Book Odyssey allows local attacker to execute SMM memory corruption.
Una validación de entrada incorrecta en el firmware UEFI antes del lanzamiento de la actualización de firmware de octubre de 2023 en Galaxy Book, Galaxy Book Pro, Galaxy Book Pro 360 y Galaxy Book Odyssey permite a un atacante local ejecutar corrupción de memoria SMM.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:Track
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2023-04-14 CVE Reserved
- 2023-10-04 CVE Published
- 2023-10-04 EPSS Updated
- 2024-09-19 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=10 | 2023-11-07 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Samsung Search vendor "Samsung" | Galaxy Book Firmware Search vendor "Samsung" for product "Galaxy Book Firmware" | < oct-2023 Search vendor "Samsung" for product "Galaxy Book Firmware" and version " < oct-2023" | - |
Affected
| in | Samsung Search vendor "Samsung" | Galaxy Book Search vendor "Samsung" for product "Galaxy Book" | - | - |
Safe
|
| Samsung Search vendor "Samsung" | Galaxy Book Pro Firmware Search vendor "Samsung" for product "Galaxy Book Pro Firmware" | < oct-2023 Search vendor "Samsung" for product "Galaxy Book Pro Firmware" and version " < oct-2023" | - |
Affected
| in | Samsung Search vendor "Samsung" | Galaxy Book Pro Search vendor "Samsung" for product "Galaxy Book Pro" | - | - |
Safe
|
| Samsung Search vendor "Samsung" | Galaxy Book Pro 360 Firmware Search vendor "Samsung" for product "Galaxy Book Pro 360 Firmware" | < oct-2023 Search vendor "Samsung" for product "Galaxy Book Pro 360 Firmware" and version " < oct-2023" | - |
Affected
| in | Samsung Search vendor "Samsung" | Galaxy Book Pro 360 Search vendor "Samsung" for product "Galaxy Book Pro 360" | - | - |
Safe
|
| Samsung Search vendor "Samsung" | Galaxy Book Odyssey Firmware Search vendor "Samsung" for product "Galaxy Book Odyssey Firmware" | < oct-2023 Search vendor "Samsung" for product "Galaxy Book Odyssey Firmware" and version " < oct-2023" | - |
Affected
| in | Samsung Search vendor "Samsung" | Galaxy Book Odyssey Search vendor "Samsung" for product "Galaxy Book Odyssey" | - | - |
Safe
|