{"vulnerability": "CVE-2023-2142", "sightings": [{"uuid": "17f2448c-616a-46ab-ba63-218a870f231b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2142", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113549027953253099", "content": "", "creation_timestamp": "2024-11-26T11:31:06.268969Z"}, {"uuid": "9aca3a54-72b8-44e8-94a3-3499b91c8efa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21429", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8505", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-21429\n\ud83d\udd25 CVSS Score: 4 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\ud83d\udd39 Description: Improper usage of implict intent in ePDG prior to SMR JAN-2023 Release 1 allows attacker to access SSID.\n\ud83d\udccf Published: 2023-02-09T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-24T19:09:38.651Z\n\ud83d\udd17 References:\n1. https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=01", "creation_timestamp": "2025-03-24T19:23:11.000000Z"}, {"uuid": "b5c086fa-fb44-44c6-9af2-e0b19d5b579a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21422", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8532", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-21422\n\ud83d\udd25 CVSS Score: 5.7 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:L)\n\ud83d\udd39 Description: Improper authorization vulnerability in semAddPublicDnsAddr in WifiSevice prior to SMR Jan-2023 Release 1 allows attackers to set custom DNS server without permission via binding WifiService.\n\ud83d\udccf Published: 2023-02-09T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-24T19:54:42.776Z\n\ud83d\udd17 References:\n1. https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=01", "creation_timestamp": "2025-03-24T20:23:52.000000Z"}, {"uuid": "83e0fb73-eb12-4020-8660-c18345610134", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21424", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8536", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-21424\n\ud83d\udd25 CVSS Score: 5.1 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L)\n\ud83d\udd39 Description: Improper Handling of Insufficient Permissions or Privileges vulnerability in SemChameleonHelper prior to SMR Jan-2023 Release 1 allows attacker to modify network related values, network code, carrier id and operator brand.\n\ud83d\udccf Published: 2023-02-09T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-24T19:51:00.955Z\n\ud83d\udd17 References:\n1. https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=01", "creation_timestamp": "2025-03-24T20:23:55.000000Z"}, {"uuid": "b8b7289a-7cc6-49f5-97d6-97ddd1f6f6b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21428", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8540", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-21428\n\ud83d\udd25 CVSS Score: 4 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\ud83d\udd39 Description: Improper input validation vulnerability in TelephonyUI prior to SMR Jan-2023 Release 1 allows attackers to configure Preferred Call. The patch removes unused code.\n\ud83d\udccf Published: 2023-02-09T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-24T19:49:20.241Z\n\ud83d\udd17 References:\n1. https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=01", "creation_timestamp": "2025-03-24T20:24:02.000000Z"}, {"uuid": "3bd9e921-193f-45ae-a1e8-805fd5bbf276", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21426", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8538", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-21426\n\ud83d\udd25 CVSS Score: 4.3 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N)\n\ud83d\udd39 Description: Hardcoded AES key to encrypt cardemulation PINs in NFC prior to SMR Jan-2023 Release 1 allows attackers to access cardemulation PIN.\n\ud83d\udccf Published: 2023-02-09T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-24T19:50:11.639Z\n\ud83d\udd17 References:\n1. https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=01", "creation_timestamp": "2025-03-24T20:24:00.000000Z"}, {"uuid": "1a055ac0-9e62-4ae0-bcf0-a5b42734eae4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21423", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8533", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-21423\n\ud83d\udd25 CVSS Score: 5.1 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L)\n\ud83d\udd39 Description: Improper authorization vulnerability in ChnFileShareKit prior to SMR Jan-2023 Release 1 allows attacker to control BLE advertising without permission using unprotected action.\n\ud83d\udccf Published: 2023-02-09T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-24T19:54:17.114Z\n\ud83d\udd17 References:\n1. https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=01", "creation_timestamp": "2025-03-24T20:23:53.000000Z"}, {"uuid": "0110141e-0ca4-433f-af05-eec885e025dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21425", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8537", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-21425\n\ud83d\udd25 CVSS Score: 4.3 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N)\n\ud83d\udd39 Description: Improper access control vulnerability in telecom application prior to SMR JAN-2023 Release 1 allows local attackers to get sensitive information.\n\ud83d\udccf Published: 2023-02-09T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-24T19:50:35.587Z\n\ud83d\udd17 References:\n1. https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=01", "creation_timestamp": "2025-03-24T20:23:59.000000Z"}, {"uuid": "87093cc0-e1c1-4785-a47e-bdd4ee295caa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21427", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8539", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-21427\n\ud83d\udd25 CVSS Score: 5.4 (cvssV3_1, Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L)\n\ud83d\udd39 Description: Improper access control vulnerability in NfcTile prior to SMR Jan-2023 Release 1 allows to attacker to use NFC without user recognition.\n\ud83d\udccf Published: 2023-02-09T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-24T19:49:49.095Z\n\ud83d\udd17 References:\n1. https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=01", "creation_timestamp": "2025-03-24T20:24:01.000000Z"}, {"uuid": "e3062234-4c78-4908-a007-383a70825a02", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21428", "type": "seen", "source": "https://t.me/cibsecurity/57863", "content": "\u203c CVE-2023-21428 \u203c\n\nImproper input validation vulnerability in TelephonyUI prior to SMR Jan-2023 Release 1 allows attackers to configure Preferred Call. The patch removes unused code.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-09T22:26:14.000000Z"}, {"uuid": "e6a6f243-1c45-48c9-9a21-ef80e6a752b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21423", "type": "seen", "source": "https://t.me/cibsecurity/57858", "content": "\u203c CVE-2023-21423 \u203c\n\nImproper authorization vulnerability in ChnFileShareKit prior to SMR Jan-2023 Release 1 allows attacker to control BLE advertising without permission using unprotected action.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-09T22:26:09.000000Z"}, {"uuid": "cf083a2e-77ba-4d8d-b9cc-968bd2dc5236", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21429", "type": "seen", "source": "https://t.me/cibsecurity/57857", "content": "\u203c CVE-2023-21429 \u203c\n\nImproper usage of implict intent in ePDG prior to SMR JAN-2023 Release 1 allows attacker to access SSID.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-09T22:26:08.000000Z"}]}