Action not permitted
Modal body text goes here.
Modal Title
Modal Body
WID-SEC-W-2023-2272
Vulnerability from csaf_certbund - Published: 2023-09-05 22:00 - Updated: 2023-09-05 22:00Summary
Samsung Android: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Das Android Betriebssystem ist eine quelloffene Plattform für mobile Geräte. Die Basis bildet der Linux-Kernel.
Angriff
Ein entfernter anonymer Angreifer kann mehrere Schwachstellen in Samsung Android ausnutzen, um Dateien zu manipulieren, seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuführen.
Betroffene Betriebssysteme
- Android
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Das Android Betriebssystem ist eine quelloffene Plattform f\u00fcr mobile Ger\u00e4te. Die Basis bildet der Linux-Kernel.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter anonymer Angreifer kann mehrere Schwachstellen in Samsung Android ausnutzen, um Dateien zu manipulieren, seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Android",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-2272 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2272.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-2272 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2272"
},
{
"category": "external",
"summary": "Samsung Security Advisory vom 2023-09-05",
"url": "https://security.samsungmobile.com/securityUpdate.smsb"
}
],
"source_lang": "en-US",
"title": "Samsung Android: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2023-09-05T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:58:05.198+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2023-2272",
"initial_release_date": "2023-09-05T22:00:00.000+00:00",
"revision_history": [
{
"date": "2023-09-05T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Samsung Android \u003c= 13",
"product": {
"name": "Samsung Android \u003c= 13",
"product_id": "T029730",
"product_identification_helper": {
"cpe": "cpe:/o:samsung:android:13"
}
}
}
],
"category": "vendor",
"name": "Samsung"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-40353",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen unter anderem in Tastatur, SecSettings, Dual Messenger, Knox AI, Telefon- und Nachrichtenspeicher, Einstellungsvorschl\u00e4gen, One UI Home und Wetter aufgrund einer unsachgem\u00e4\u00dfen Autorisierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung, einer unsachgem\u00e4\u00dfen Authentifizierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung und einer unsachgem\u00e4\u00dfen Zugriffskontrolle. Ein Angreifer kann diese Schwachstellen ausnutzen, um Dateien zu manipulieren, seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein."
}
],
"product_status": {
"last_affected": [
"T029730"
]
},
"release_date": "2023-09-05T22:00:00.000+00:00",
"title": "CVE-2023-40353"
},
{
"cve": "CVE-2023-37377",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen unter anderem in Tastatur, SecSettings, Dual Messenger, Knox AI, Telefon- und Nachrichtenspeicher, Einstellungsvorschl\u00e4gen, One UI Home und Wetter aufgrund einer unsachgem\u00e4\u00dfen Autorisierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung, einer unsachgem\u00e4\u00dfen Authentifizierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung und einer unsachgem\u00e4\u00dfen Zugriffskontrolle. Ein Angreifer kann diese Schwachstellen ausnutzen, um Dateien zu manipulieren, seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein."
}
],
"product_status": {
"last_affected": [
"T029730"
]
},
"release_date": "2023-09-05T22:00:00.000+00:00",
"title": "CVE-2023-37377"
},
{
"cve": "CVE-2023-37368",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen unter anderem in Tastatur, SecSettings, Dual Messenger, Knox AI, Telefon- und Nachrichtenspeicher, Einstellungsvorschl\u00e4gen, One UI Home und Wetter aufgrund einer unsachgem\u00e4\u00dfen Autorisierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung, einer unsachgem\u00e4\u00dfen Authentifizierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung und einer unsachgem\u00e4\u00dfen Zugriffskontrolle. Ein Angreifer kann diese Schwachstellen ausnutzen, um Dateien zu manipulieren, seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein."
}
],
"product_status": {
"last_affected": [
"T029730"
]
},
"release_date": "2023-09-05T22:00:00.000+00:00",
"title": "CVE-2023-37368"
},
{
"cve": "CVE-2023-37367",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen unter anderem in Tastatur, SecSettings, Dual Messenger, Knox AI, Telefon- und Nachrichtenspeicher, Einstellungsvorschl\u00e4gen, One UI Home und Wetter aufgrund einer unsachgem\u00e4\u00dfen Autorisierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung, einer unsachgem\u00e4\u00dfen Authentifizierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung und einer unsachgem\u00e4\u00dfen Zugriffskontrolle. Ein Angreifer kann diese Schwachstellen ausnutzen, um Dateien zu manipulieren, seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein."
}
],
"product_status": {
"last_affected": [
"T029730"
]
},
"release_date": "2023-09-05T22:00:00.000+00:00",
"title": "CVE-2023-37367"
},
{
"cve": "CVE-2023-35687",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen unter anderem in Tastatur, SecSettings, Dual Messenger, Knox AI, Telefon- und Nachrichtenspeicher, Einstellungsvorschl\u00e4gen, One UI Home und Wetter aufgrund einer unsachgem\u00e4\u00dfen Autorisierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung, einer unsachgem\u00e4\u00dfen Authentifizierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung und einer unsachgem\u00e4\u00dfen Zugriffskontrolle. Ein Angreifer kann diese Schwachstellen ausnutzen, um Dateien zu manipulieren, seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein."
}
],
"product_status": {
"last_affected": [
"T029730"
]
},
"release_date": "2023-09-05T22:00:00.000+00:00",
"title": "CVE-2023-35687"
},
{
"cve": "CVE-2023-35684",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen unter anderem in Tastatur, SecSettings, Dual Messenger, Knox AI, Telefon- und Nachrichtenspeicher, Einstellungsvorschl\u00e4gen, One UI Home und Wetter aufgrund einer unsachgem\u00e4\u00dfen Autorisierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung, einer unsachgem\u00e4\u00dfen Authentifizierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung und einer unsachgem\u00e4\u00dfen Zugriffskontrolle. Ein Angreifer kann diese Schwachstellen ausnutzen, um Dateien zu manipulieren, seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein."
}
],
"product_status": {
"last_affected": [
"T029730"
]
},
"release_date": "2023-09-05T22:00:00.000+00:00",
"title": "CVE-2023-35684"
},
{
"cve": "CVE-2023-35683",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen unter anderem in Tastatur, SecSettings, Dual Messenger, Knox AI, Telefon- und Nachrichtenspeicher, Einstellungsvorschl\u00e4gen, One UI Home und Wetter aufgrund einer unsachgem\u00e4\u00dfen Autorisierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung, einer unsachgem\u00e4\u00dfen Authentifizierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung und einer unsachgem\u00e4\u00dfen Zugriffskontrolle. Ein Angreifer kann diese Schwachstellen ausnutzen, um Dateien zu manipulieren, seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein."
}
],
"product_status": {
"last_affected": [
"T029730"
]
},
"release_date": "2023-09-05T22:00:00.000+00:00",
"title": "CVE-2023-35683"
},
{
"cve": "CVE-2023-35682",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen unter anderem in Tastatur, SecSettings, Dual Messenger, Knox AI, Telefon- und Nachrichtenspeicher, Einstellungsvorschl\u00e4gen, One UI Home und Wetter aufgrund einer unsachgem\u00e4\u00dfen Autorisierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung, einer unsachgem\u00e4\u00dfen Authentifizierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung und einer unsachgem\u00e4\u00dfen Zugriffskontrolle. Ein Angreifer kann diese Schwachstellen ausnutzen, um Dateien zu manipulieren, seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein."
}
],
"product_status": {
"last_affected": [
"T029730"
]
},
"release_date": "2023-09-05T22:00:00.000+00:00",
"title": "CVE-2023-35682"
},
{
"cve": "CVE-2023-35681",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen unter anderem in Tastatur, SecSettings, Dual Messenger, Knox AI, Telefon- und Nachrichtenspeicher, Einstellungsvorschl\u00e4gen, One UI Home und Wetter aufgrund einer unsachgem\u00e4\u00dfen Autorisierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung, einer unsachgem\u00e4\u00dfen Authentifizierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung und einer unsachgem\u00e4\u00dfen Zugriffskontrolle. Ein Angreifer kann diese Schwachstellen ausnutzen, um Dateien zu manipulieren, seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein."
}
],
"product_status": {
"last_affected": [
"T029730"
]
},
"release_date": "2023-09-05T22:00:00.000+00:00",
"title": "CVE-2023-35681"
},
{
"cve": "CVE-2023-35679",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen unter anderem in Tastatur, SecSettings, Dual Messenger, Knox AI, Telefon- und Nachrichtenspeicher, Einstellungsvorschl\u00e4gen, One UI Home und Wetter aufgrund einer unsachgem\u00e4\u00dfen Autorisierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung, einer unsachgem\u00e4\u00dfen Authentifizierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung und einer unsachgem\u00e4\u00dfen Zugriffskontrolle. Ein Angreifer kann diese Schwachstellen ausnutzen, um Dateien zu manipulieren, seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein."
}
],
"product_status": {
"last_affected": [
"T029730"
]
},
"release_date": "2023-09-05T22:00:00.000+00:00",
"title": "CVE-2023-35679"
},
{
"cve": "CVE-2023-35677",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen unter anderem in Tastatur, SecSettings, Dual Messenger, Knox AI, Telefon- und Nachrichtenspeicher, Einstellungsvorschl\u00e4gen, One UI Home und Wetter aufgrund einer unsachgem\u00e4\u00dfen Autorisierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung, einer unsachgem\u00e4\u00dfen Authentifizierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung und einer unsachgem\u00e4\u00dfen Zugriffskontrolle. Ein Angreifer kann diese Schwachstellen ausnutzen, um Dateien zu manipulieren, seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein."
}
],
"product_status": {
"last_affected": [
"T029730"
]
},
"release_date": "2023-09-05T22:00:00.000+00:00",
"title": "CVE-2023-35677"
},
{
"cve": "CVE-2023-35676",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen unter anderem in Tastatur, SecSettings, Dual Messenger, Knox AI, Telefon- und Nachrichtenspeicher, Einstellungsvorschl\u00e4gen, One UI Home und Wetter aufgrund einer unsachgem\u00e4\u00dfen Autorisierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung, einer unsachgem\u00e4\u00dfen Authentifizierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung und einer unsachgem\u00e4\u00dfen Zugriffskontrolle. Ein Angreifer kann diese Schwachstellen ausnutzen, um Dateien zu manipulieren, seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein."
}
],
"product_status": {
"last_affected": [
"T029730"
]
},
"release_date": "2023-09-05T22:00:00.000+00:00",
"title": "CVE-2023-35676"
},
{
"cve": "CVE-2023-35675",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen unter anderem in Tastatur, SecSettings, Dual Messenger, Knox AI, Telefon- und Nachrichtenspeicher, Einstellungsvorschl\u00e4gen, One UI Home und Wetter aufgrund einer unsachgem\u00e4\u00dfen Autorisierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung, einer unsachgem\u00e4\u00dfen Authentifizierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung und einer unsachgem\u00e4\u00dfen Zugriffskontrolle. Ein Angreifer kann diese Schwachstellen ausnutzen, um Dateien zu manipulieren, seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein."
}
],
"product_status": {
"last_affected": [
"T029730"
]
},
"release_date": "2023-09-05T22:00:00.000+00:00",
"title": "CVE-2023-35675"
},
{
"cve": "CVE-2023-35674",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen unter anderem in Tastatur, SecSettings, Dual Messenger, Knox AI, Telefon- und Nachrichtenspeicher, Einstellungsvorschl\u00e4gen, One UI Home und Wetter aufgrund einer unsachgem\u00e4\u00dfen Autorisierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung, einer unsachgem\u00e4\u00dfen Authentifizierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung und einer unsachgem\u00e4\u00dfen Zugriffskontrolle. Ein Angreifer kann diese Schwachstellen ausnutzen, um Dateien zu manipulieren, seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein."
}
],
"product_status": {
"last_affected": [
"T029730"
]
},
"release_date": "2023-09-05T22:00:00.000+00:00",
"title": "CVE-2023-35674"
},
{
"cve": "CVE-2023-35673",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen unter anderem in Tastatur, SecSettings, Dual Messenger, Knox AI, Telefon- und Nachrichtenspeicher, Einstellungsvorschl\u00e4gen, One UI Home und Wetter aufgrund einer unsachgem\u00e4\u00dfen Autorisierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung, einer unsachgem\u00e4\u00dfen Authentifizierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung und einer unsachgem\u00e4\u00dfen Zugriffskontrolle. Ein Angreifer kann diese Schwachstellen ausnutzen, um Dateien zu manipulieren, seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein."
}
],
"product_status": {
"last_affected": [
"T029730"
]
},
"release_date": "2023-09-05T22:00:00.000+00:00",
"title": "CVE-2023-35673"
},
{
"cve": "CVE-2023-35671",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen unter anderem in Tastatur, SecSettings, Dual Messenger, Knox AI, Telefon- und Nachrichtenspeicher, Einstellungsvorschl\u00e4gen, One UI Home und Wetter aufgrund einer unsachgem\u00e4\u00dfen Autorisierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung, einer unsachgem\u00e4\u00dfen Authentifizierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung und einer unsachgem\u00e4\u00dfen Zugriffskontrolle. Ein Angreifer kann diese Schwachstellen ausnutzen, um Dateien zu manipulieren, seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein."
}
],
"product_status": {
"last_affected": [
"T029730"
]
},
"release_date": "2023-09-05T22:00:00.000+00:00",
"title": "CVE-2023-35671"
},
{
"cve": "CVE-2023-35670",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen unter anderem in Tastatur, SecSettings, Dual Messenger, Knox AI, Telefon- und Nachrichtenspeicher, Einstellungsvorschl\u00e4gen, One UI Home und Wetter aufgrund einer unsachgem\u00e4\u00dfen Autorisierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung, einer unsachgem\u00e4\u00dfen Authentifizierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung und einer unsachgem\u00e4\u00dfen Zugriffskontrolle. Ein Angreifer kann diese Schwachstellen ausnutzen, um Dateien zu manipulieren, seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein."
}
],
"product_status": {
"last_affected": [
"T029730"
]
},
"release_date": "2023-09-05T22:00:00.000+00:00",
"title": "CVE-2023-35670"
},
{
"cve": "CVE-2023-35669",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen unter anderem in Tastatur, SecSettings, Dual Messenger, Knox AI, Telefon- und Nachrichtenspeicher, Einstellungsvorschl\u00e4gen, One UI Home und Wetter aufgrund einer unsachgem\u00e4\u00dfen Autorisierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung, einer unsachgem\u00e4\u00dfen Authentifizierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung und einer unsachgem\u00e4\u00dfen Zugriffskontrolle. Ein Angreifer kann diese Schwachstellen ausnutzen, um Dateien zu manipulieren, seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein."
}
],
"product_status": {
"last_affected": [
"T029730"
]
},
"release_date": "2023-09-05T22:00:00.000+00:00",
"title": "CVE-2023-35669"
},
{
"cve": "CVE-2023-35667",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen unter anderem in Tastatur, SecSettings, Dual Messenger, Knox AI, Telefon- und Nachrichtenspeicher, Einstellungsvorschl\u00e4gen, One UI Home und Wetter aufgrund einer unsachgem\u00e4\u00dfen Autorisierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung, einer unsachgem\u00e4\u00dfen Authentifizierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung und einer unsachgem\u00e4\u00dfen Zugriffskontrolle. Ein Angreifer kann diese Schwachstellen ausnutzen, um Dateien zu manipulieren, seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein."
}
],
"product_status": {
"last_affected": [
"T029730"
]
},
"release_date": "2023-09-05T22:00:00.000+00:00",
"title": "CVE-2023-35667"
},
{
"cve": "CVE-2023-35666",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen unter anderem in Tastatur, SecSettings, Dual Messenger, Knox AI, Telefon- und Nachrichtenspeicher, Einstellungsvorschl\u00e4gen, One UI Home und Wetter aufgrund einer unsachgem\u00e4\u00dfen Autorisierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung, einer unsachgem\u00e4\u00dfen Authentifizierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung und einer unsachgem\u00e4\u00dfen Zugriffskontrolle. Ein Angreifer kann diese Schwachstellen ausnutzen, um Dateien zu manipulieren, seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein."
}
],
"product_status": {
"last_affected": [
"T029730"
]
},
"release_date": "2023-09-05T22:00:00.000+00:00",
"title": "CVE-2023-35666"
},
{
"cve": "CVE-2023-35658",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen unter anderem in Tastatur, SecSettings, Dual Messenger, Knox AI, Telefon- und Nachrichtenspeicher, Einstellungsvorschl\u00e4gen, One UI Home und Wetter aufgrund einer unsachgem\u00e4\u00dfen Autorisierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung, einer unsachgem\u00e4\u00dfen Authentifizierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung und einer unsachgem\u00e4\u00dfen Zugriffskontrolle. Ein Angreifer kann diese Schwachstellen ausnutzen, um Dateien zu manipulieren, seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein."
}
],
"product_status": {
"last_affected": [
"T029730"
]
},
"release_date": "2023-09-05T22:00:00.000+00:00",
"title": "CVE-2023-35658"
},
{
"cve": "CVE-2023-30721",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen unter anderem in Tastatur, SecSettings, Dual Messenger, Knox AI, Telefon- und Nachrichtenspeicher, Einstellungsvorschl\u00e4gen, One UI Home und Wetter aufgrund einer unsachgem\u00e4\u00dfen Autorisierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung, einer unsachgem\u00e4\u00dfen Authentifizierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung und einer unsachgem\u00e4\u00dfen Zugriffskontrolle. Ein Angreifer kann diese Schwachstellen ausnutzen, um Dateien zu manipulieren, seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein."
}
],
"product_status": {
"last_affected": [
"T029730"
]
},
"release_date": "2023-09-05T22:00:00.000+00:00",
"title": "CVE-2023-30721"
},
{
"cve": "CVE-2023-30720",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen unter anderem in Tastatur, SecSettings, Dual Messenger, Knox AI, Telefon- und Nachrichtenspeicher, Einstellungsvorschl\u00e4gen, One UI Home und Wetter aufgrund einer unsachgem\u00e4\u00dfen Autorisierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung, einer unsachgem\u00e4\u00dfen Authentifizierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung und einer unsachgem\u00e4\u00dfen Zugriffskontrolle. Ein Angreifer kann diese Schwachstellen ausnutzen, um Dateien zu manipulieren, seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein."
}
],
"product_status": {
"last_affected": [
"T029730"
]
},
"release_date": "2023-09-05T22:00:00.000+00:00",
"title": "CVE-2023-30720"
},
{
"cve": "CVE-2023-30719",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen unter anderem in Tastatur, SecSettings, Dual Messenger, Knox AI, Telefon- und Nachrichtenspeicher, Einstellungsvorschl\u00e4gen, One UI Home und Wetter aufgrund einer unsachgem\u00e4\u00dfen Autorisierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung, einer unsachgem\u00e4\u00dfen Authentifizierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung und einer unsachgem\u00e4\u00dfen Zugriffskontrolle. Ein Angreifer kann diese Schwachstellen ausnutzen, um Dateien zu manipulieren, seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein."
}
],
"product_status": {
"last_affected": [
"T029730"
]
},
"release_date": "2023-09-05T22:00:00.000+00:00",
"title": "CVE-2023-30719"
},
{
"cve": "CVE-2023-30718",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen unter anderem in Tastatur, SecSettings, Dual Messenger, Knox AI, Telefon- und Nachrichtenspeicher, Einstellungsvorschl\u00e4gen, One UI Home und Wetter aufgrund einer unsachgem\u00e4\u00dfen Autorisierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung, einer unsachgem\u00e4\u00dfen Authentifizierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung und einer unsachgem\u00e4\u00dfen Zugriffskontrolle. Ein Angreifer kann diese Schwachstellen ausnutzen, um Dateien zu manipulieren, seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein."
}
],
"product_status": {
"last_affected": [
"T029730"
]
},
"release_date": "2023-09-05T22:00:00.000+00:00",
"title": "CVE-2023-30718"
},
{
"cve": "CVE-2023-30717",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen unter anderem in Tastatur, SecSettings, Dual Messenger, Knox AI, Telefon- und Nachrichtenspeicher, Einstellungsvorschl\u00e4gen, One UI Home und Wetter aufgrund einer unsachgem\u00e4\u00dfen Autorisierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung, einer unsachgem\u00e4\u00dfen Authentifizierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung und einer unsachgem\u00e4\u00dfen Zugriffskontrolle. Ein Angreifer kann diese Schwachstellen ausnutzen, um Dateien zu manipulieren, seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein."
}
],
"product_status": {
"last_affected": [
"T029730"
]
},
"release_date": "2023-09-05T22:00:00.000+00:00",
"title": "CVE-2023-30717"
},
{
"cve": "CVE-2023-30716",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen unter anderem in Tastatur, SecSettings, Dual Messenger, Knox AI, Telefon- und Nachrichtenspeicher, Einstellungsvorschl\u00e4gen, One UI Home und Wetter aufgrund einer unsachgem\u00e4\u00dfen Autorisierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung, einer unsachgem\u00e4\u00dfen Authentifizierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung und einer unsachgem\u00e4\u00dfen Zugriffskontrolle. Ein Angreifer kann diese Schwachstellen ausnutzen, um Dateien zu manipulieren, seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein."
}
],
"product_status": {
"last_affected": [
"T029730"
]
},
"release_date": "2023-09-05T22:00:00.000+00:00",
"title": "CVE-2023-30716"
},
{
"cve": "CVE-2023-30715",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen unter anderem in Tastatur, SecSettings, Dual Messenger, Knox AI, Telefon- und Nachrichtenspeicher, Einstellungsvorschl\u00e4gen, One UI Home und Wetter aufgrund einer unsachgem\u00e4\u00dfen Autorisierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung, einer unsachgem\u00e4\u00dfen Authentifizierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung und einer unsachgem\u00e4\u00dfen Zugriffskontrolle. Ein Angreifer kann diese Schwachstellen ausnutzen, um Dateien zu manipulieren, seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein."
}
],
"product_status": {
"last_affected": [
"T029730"
]
},
"release_date": "2023-09-05T22:00:00.000+00:00",
"title": "CVE-2023-30715"
},
{
"cve": "CVE-2023-30714",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen unter anderem in Tastatur, SecSettings, Dual Messenger, Knox AI, Telefon- und Nachrichtenspeicher, Einstellungsvorschl\u00e4gen, One UI Home und Wetter aufgrund einer unsachgem\u00e4\u00dfen Autorisierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung, einer unsachgem\u00e4\u00dfen Authentifizierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung und einer unsachgem\u00e4\u00dfen Zugriffskontrolle. Ein Angreifer kann diese Schwachstellen ausnutzen, um Dateien zu manipulieren, seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein."
}
],
"product_status": {
"last_affected": [
"T029730"
]
},
"release_date": "2023-09-05T22:00:00.000+00:00",
"title": "CVE-2023-30714"
},
{
"cve": "CVE-2023-30713",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen unter anderem in Tastatur, SecSettings, Dual Messenger, Knox AI, Telefon- und Nachrichtenspeicher, Einstellungsvorschl\u00e4gen, One UI Home und Wetter aufgrund einer unsachgem\u00e4\u00dfen Autorisierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung, einer unsachgem\u00e4\u00dfen Authentifizierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung und einer unsachgem\u00e4\u00dfen Zugriffskontrolle. Ein Angreifer kann diese Schwachstellen ausnutzen, um Dateien zu manipulieren, seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein."
}
],
"product_status": {
"last_affected": [
"T029730"
]
},
"release_date": "2023-09-05T22:00:00.000+00:00",
"title": "CVE-2023-30713"
},
{
"cve": "CVE-2023-30712",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen unter anderem in Tastatur, SecSettings, Dual Messenger, Knox AI, Telefon- und Nachrichtenspeicher, Einstellungsvorschl\u00e4gen, One UI Home und Wetter aufgrund einer unsachgem\u00e4\u00dfen Autorisierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung, einer unsachgem\u00e4\u00dfen Authentifizierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung und einer unsachgem\u00e4\u00dfen Zugriffskontrolle. Ein Angreifer kann diese Schwachstellen ausnutzen, um Dateien zu manipulieren, seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein."
}
],
"product_status": {
"last_affected": [
"T029730"
]
},
"release_date": "2023-09-05T22:00:00.000+00:00",
"title": "CVE-2023-30712"
},
{
"cve": "CVE-2023-30711",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen unter anderem in Tastatur, SecSettings, Dual Messenger, Knox AI, Telefon- und Nachrichtenspeicher, Einstellungsvorschl\u00e4gen, One UI Home und Wetter aufgrund einer unsachgem\u00e4\u00dfen Autorisierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung, einer unsachgem\u00e4\u00dfen Authentifizierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung und einer unsachgem\u00e4\u00dfen Zugriffskontrolle. Ein Angreifer kann diese Schwachstellen ausnutzen, um Dateien zu manipulieren, seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein."
}
],
"product_status": {
"last_affected": [
"T029730"
]
},
"release_date": "2023-09-05T22:00:00.000+00:00",
"title": "CVE-2023-30711"
},
{
"cve": "CVE-2023-30710",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen unter anderem in Tastatur, SecSettings, Dual Messenger, Knox AI, Telefon- und Nachrichtenspeicher, Einstellungsvorschl\u00e4gen, One UI Home und Wetter aufgrund einer unsachgem\u00e4\u00dfen Autorisierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung, einer unsachgem\u00e4\u00dfen Authentifizierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung und einer unsachgem\u00e4\u00dfen Zugriffskontrolle. Ein Angreifer kann diese Schwachstellen ausnutzen, um Dateien zu manipulieren, seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein."
}
],
"product_status": {
"last_affected": [
"T029730"
]
},
"release_date": "2023-09-05T22:00:00.000+00:00",
"title": "CVE-2023-30710"
},
{
"cve": "CVE-2023-30709",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen unter anderem in Tastatur, SecSettings, Dual Messenger, Knox AI, Telefon- und Nachrichtenspeicher, Einstellungsvorschl\u00e4gen, One UI Home und Wetter aufgrund einer unsachgem\u00e4\u00dfen Autorisierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung, einer unsachgem\u00e4\u00dfen Authentifizierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung und einer unsachgem\u00e4\u00dfen Zugriffskontrolle. Ein Angreifer kann diese Schwachstellen ausnutzen, um Dateien zu manipulieren, seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein."
}
],
"product_status": {
"last_affected": [
"T029730"
]
},
"release_date": "2023-09-05T22:00:00.000+00:00",
"title": "CVE-2023-30709"
},
{
"cve": "CVE-2023-30708",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen unter anderem in Tastatur, SecSettings, Dual Messenger, Knox AI, Telefon- und Nachrichtenspeicher, Einstellungsvorschl\u00e4gen, One UI Home und Wetter aufgrund einer unsachgem\u00e4\u00dfen Autorisierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung, einer unsachgem\u00e4\u00dfen Authentifizierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung und einer unsachgem\u00e4\u00dfen Zugriffskontrolle. Ein Angreifer kann diese Schwachstellen ausnutzen, um Dateien zu manipulieren, seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein."
}
],
"product_status": {
"last_affected": [
"T029730"
]
},
"release_date": "2023-09-05T22:00:00.000+00:00",
"title": "CVE-2023-30708"
},
{
"cve": "CVE-2023-30707",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen unter anderem in Tastatur, SecSettings, Dual Messenger, Knox AI, Telefon- und Nachrichtenspeicher, Einstellungsvorschl\u00e4gen, One UI Home und Wetter aufgrund einer unsachgem\u00e4\u00dfen Autorisierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung, einer unsachgem\u00e4\u00dfen Authentifizierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung und einer unsachgem\u00e4\u00dfen Zugriffskontrolle. Ein Angreifer kann diese Schwachstellen ausnutzen, um Dateien zu manipulieren, seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein."
}
],
"product_status": {
"last_affected": [
"T029730"
]
},
"release_date": "2023-09-05T22:00:00.000+00:00",
"title": "CVE-2023-30707"
},
{
"cve": "CVE-2023-30706",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen unter anderem in Tastatur, SecSettings, Dual Messenger, Knox AI, Telefon- und Nachrichtenspeicher, Einstellungsvorschl\u00e4gen, One UI Home und Wetter aufgrund einer unsachgem\u00e4\u00dfen Autorisierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung, einer unsachgem\u00e4\u00dfen Authentifizierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung und einer unsachgem\u00e4\u00dfen Zugriffskontrolle. Ein Angreifer kann diese Schwachstellen ausnutzen, um Dateien zu manipulieren, seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein."
}
],
"product_status": {
"last_affected": [
"T029730"
]
},
"release_date": "2023-09-05T22:00:00.000+00:00",
"title": "CVE-2023-30706"
},
{
"cve": "CVE-2023-21626",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen unter anderem in Tastatur, SecSettings, Dual Messenger, Knox AI, Telefon- und Nachrichtenspeicher, Einstellungsvorschl\u00e4gen, One UI Home und Wetter aufgrund einer unsachgem\u00e4\u00dfen Autorisierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung, einer unsachgem\u00e4\u00dfen Authentifizierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung und einer unsachgem\u00e4\u00dfen Zugriffskontrolle. Ein Angreifer kann diese Schwachstellen ausnutzen, um Dateien zu manipulieren, seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein."
}
],
"product_status": {
"last_affected": [
"T029730"
]
},
"release_date": "2023-09-05T22:00:00.000+00:00",
"title": "CVE-2023-21626"
},
{
"cve": "CVE-2023-21135",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen unter anderem in Tastatur, SecSettings, Dual Messenger, Knox AI, Telefon- und Nachrichtenspeicher, Einstellungsvorschl\u00e4gen, One UI Home und Wetter aufgrund einer unsachgem\u00e4\u00dfen Autorisierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung, einer unsachgem\u00e4\u00dfen Authentifizierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung und einer unsachgem\u00e4\u00dfen Zugriffskontrolle. Ein Angreifer kann diese Schwachstellen ausnutzen, um Dateien zu manipulieren, seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein."
}
],
"product_status": {
"last_affected": [
"T029730"
]
},
"release_date": "2023-09-05T22:00:00.000+00:00",
"title": "CVE-2023-21135"
},
{
"cve": "CVE-2023-21118",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen unter anderem in Tastatur, SecSettings, Dual Messenger, Knox AI, Telefon- und Nachrichtenspeicher, Einstellungsvorschl\u00e4gen, One UI Home und Wetter aufgrund einer unsachgem\u00e4\u00dfen Autorisierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung, einer unsachgem\u00e4\u00dfen Authentifizierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung und einer unsachgem\u00e4\u00dfen Zugriffskontrolle. Ein Angreifer kann diese Schwachstellen ausnutzen, um Dateien zu manipulieren, seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein."
}
],
"product_status": {
"last_affected": [
"T029730"
]
},
"release_date": "2023-09-05T22:00:00.000+00:00",
"title": "CVE-2023-21118"
},
{
"cve": "CVE-2023-20780",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen unter anderem in Tastatur, SecSettings, Dual Messenger, Knox AI, Telefon- und Nachrichtenspeicher, Einstellungsvorschl\u00e4gen, One UI Home und Wetter aufgrund einer unsachgem\u00e4\u00dfen Autorisierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung, einer unsachgem\u00e4\u00dfen Authentifizierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung und einer unsachgem\u00e4\u00dfen Zugriffskontrolle. Ein Angreifer kann diese Schwachstellen ausnutzen, um Dateien zu manipulieren, seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein."
}
],
"product_status": {
"last_affected": [
"T029730"
]
},
"release_date": "2023-09-05T22:00:00.000+00:00",
"title": "CVE-2023-20780"
},
{
"cve": "CVE-2022-40510",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen unter anderem in Tastatur, SecSettings, Dual Messenger, Knox AI, Telefon- und Nachrichtenspeicher, Einstellungsvorschl\u00e4gen, One UI Home und Wetter aufgrund einer unsachgem\u00e4\u00dfen Autorisierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung, einer unsachgem\u00e4\u00dfen Authentifizierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung und einer unsachgem\u00e4\u00dfen Zugriffskontrolle. Ein Angreifer kann diese Schwachstellen ausnutzen, um Dateien zu manipulieren, seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein."
}
],
"product_status": {
"last_affected": [
"T029730"
]
},
"release_date": "2023-09-05T22:00:00.000+00:00",
"title": "CVE-2022-40510"
},
{
"cve": "CVE-2020-29374",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen unter anderem in Tastatur, SecSettings, Dual Messenger, Knox AI, Telefon- und Nachrichtenspeicher, Einstellungsvorschl\u00e4gen, One UI Home und Wetter aufgrund einer unsachgem\u00e4\u00dfen Autorisierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung, einer unsachgem\u00e4\u00dfen Authentifizierung, einer unsachgem\u00e4\u00dfen Eingabevalidierung und einer unsachgem\u00e4\u00dfen Zugriffskontrolle. Ein Angreifer kann diese Schwachstellen ausnutzen, um Dateien zu manipulieren, seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein."
}
],
"product_status": {
"last_affected": [
"T029730"
]
},
"release_date": "2023-09-05T22:00:00.000+00:00",
"title": "CVE-2020-29374"
}
]
}
CVE-2023-30718 (GCVE-0-2023-30718)
Vulnerability from cvelistv5 – Published: 2023-09-06 03:12 – Updated: 2024-09-26 15:26
VLAI?
EPSS
Summary
Improper export of android application components vulnerability in WifiApAutoHotspotEnablingActivity prior to SMR Sep-2023 Release 1 allows local attacker to change a Auto Hotspot setting.
Severity ?
4 (Medium)
CWE
- CWE-926 - Improper Export of Android Application Components
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Mobile Devices |
Unaffected:
SMR Sep-2023 Release in Android 13
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:37:14.788Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2023\u0026month=09"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-30718",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-26T15:02:37.336328Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T15:26:12.131Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Mobile Devices",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "SMR Sep-2023 Release in Android 13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper export of android application components vulnerability in WifiApAutoHotspotEnablingActivity prior to SMR Sep-2023 Release 1 allows local attacker to change a Auto Hotspot setting."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-926: Improper Export of Android Application Components",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-06T03:12:04.918Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "Samsung Mobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2023\u0026month=09"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "Samsung Mobile",
"cveId": "CVE-2023-30718",
"datePublished": "2023-09-06T03:12:04.918Z",
"dateReserved": "2023-04-14T01:59:51.137Z",
"dateUpdated": "2024-09-26T15:26:12.131Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-30712 (GCVE-0-2023-30712)
Vulnerability from cvelistv5 – Published: 2023-09-06 03:11 – Updated: 2024-09-26 15:32
VLAI?
EPSS
Summary
Improper input validation in Settings Suggestions prior to SMR Sep-2023 Release 1 allows attackers to launch arbitrary activity.
Severity ?
6.8 (Medium)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Mobile Devices |
Unaffected:
SMR Sep-2023 Release in Android 13
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:37:14.823Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2023\u0026month=09"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-30712",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-26T15:06:14.744234Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T15:32:09.914Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Mobile Devices",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "SMR Sep-2023 Release in Android 13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper input validation in Settings Suggestions prior to SMR Sep-2023 Release 1 allows attackers to launch arbitrary activity."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-20: Improper Input Validation",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-06T03:11:58.480Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "Samsung Mobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2023\u0026month=09"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "Samsung Mobile",
"cveId": "CVE-2023-30712",
"datePublished": "2023-09-06T03:11:58.480Z",
"dateReserved": "2023-04-14T01:59:51.136Z",
"dateUpdated": "2024-09-26T15:32:09.914Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-35670 (GCVE-0-2023-35670)
Vulnerability from cvelistv5 – Published: 2023-09-11 20:09 – Updated: 2025-05-02 16:53
VLAI?
EPSS
Summary
In computeValuesFromData of FileUtils.java, there is a possible way to insert files to other apps' external private directories due to a path traversal error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity ?
7.8 (High)
CWE
- Elevation of privilege
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:30:43.944Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/db3c69afcb0a45c8aa2f333fcde36217889899fe"
},
{
"tags": [
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2023-09-01"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-35670",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:27:02.398085Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-02T16:53:52.496Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Android",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "13"
},
{
"status": "affected",
"version": "12L"
},
{
"status": "affected",
"version": "12"
},
{
"status": "affected",
"version": "11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In computeValuesFromData of FileUtils.java, there is a possible way to insert files to other apps\u0027 external private directories due to a path traversal error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-11T20:16:41.312Z",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"url": "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/db3c69afcb0a45c8aa2f333fcde36217889899fe"
},
{
"url": "https://source.android.com/security/bulletin/2023-09-01"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2023-35670",
"datePublished": "2023-09-11T20:09:52.999Z",
"dateReserved": "2023-06-15T02:50:29.819Z",
"dateUpdated": "2025-05-02T16:53:52.496Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-30710 (GCVE-0-2023-30710)
Vulnerability from cvelistv5 – Published: 2023-09-06 03:11 – Updated: 2024-09-26 15:32
VLAI?
EPSS
Summary
Improper input validation vulnerability in Knox AI prior to SMR Sep-2023 Release 1 allows local attackers to launch privileged activities.
Severity ?
8.5 (High)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Mobile Devices |
Unaffected:
SMR Sep-2023 Release in Android 13
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:37:14.793Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2023\u0026month=09"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-30710",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-26T15:10:04.632783Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T15:32:49.840Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Mobile Devices",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "SMR Sep-2023 Release in Android 13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper input validation vulnerability in Knox AI prior to SMR Sep-2023 Release 1 allows local attackers to launch privileged activities."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-20 Improper Input Validation",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-06T03:11:56.455Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "Samsung Mobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2023\u0026month=09"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "Samsung Mobile",
"cveId": "CVE-2023-30710",
"datePublished": "2023-09-06T03:11:56.455Z",
"dateReserved": "2023-04-14T01:59:51.136Z",
"dateUpdated": "2024-09-26T15:32:49.840Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-37367 (GCVE-0-2023-37367)
Vulnerability from cvelistv5 – Published: 2023-09-08 00:00 – Updated: 2024-09-26 18:38
VLAI?
EPSS
Summary
An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor, and Modem (Exynos 9820, Exynos 980, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123. In the NAS Task, an improperly implemented security check for standard can disallow desired services for a while via consecutive NAS messages.
Severity ?
5.3 (Medium)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:09:34.050Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-37367",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-26T18:38:48.263245Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T18:38:57.179Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor, and Modem (Exynos 9820, Exynos 980, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123. In the NAS Task, an improperly implemented security check for standard can disallow desired services for a while via consecutive NAS messages."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AC:L/AV:N/A:L/C:N/I:N/PR:N/S:U/UI:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-08T02:05:03.793215",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-37367",
"datePublished": "2023-09-08T00:00:00",
"dateReserved": "2023-06-30T00:00:00",
"dateUpdated": "2024-09-26T18:38:57.179Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-20780 (GCVE-0-2023-20780)
Vulnerability from cvelistv5 – Published: 2023-08-07 03:21 – Updated: 2024-10-17 14:41
VLAI?
EPSS
Summary
In keyinstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08017756; Issue ID: ALPS08017756.
Severity ?
No CVSS data available.
CWE
- Information Disclosure
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:14:41.005Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/August-2023"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-20780",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-17T14:41:07.970344Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-17T14:41:18.229Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8666, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 11.0, 12.0, 13.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In keyinstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08017756; Issue ID: ALPS08017756."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-07T03:21:00.627Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/August-2023"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2023-20780",
"datePublished": "2023-08-07T03:21:00.627Z",
"dateReserved": "2022-10-28T02:03:10.776Z",
"dateUpdated": "2024-10-17T14:41:18.229Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-30713 (GCVE-0-2023-30713)
Vulnerability from cvelistv5 – Published: 2023-09-06 03:11 – Updated: 2024-09-26 15:31
VLAI?
EPSS
Summary
Improper privilege management vulnerability in FolderLockNotifier in One UI Home prior to SMR Sep-2023 Release 1 allows local attackers to change some settings of the folder lock.
Severity ?
6.2 (Medium)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Mobile Devices |
Unaffected:
SMR Sep-2023 Release in Selected Android 11, 12, 13 devices
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:37:14.608Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2023\u0026month=09"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-30713",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-26T15:03:28.588370Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T15:31:06.371Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Mobile Devices",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "SMR Sep-2023 Release in Selected Android 11, 12, 13 devices"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper privilege management vulnerability in FolderLockNotifier in One UI Home prior to SMR Sep-2023 Release 1 allows local attackers to change some settings of the folder lock."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-269: Improper Privilege Management",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-06T03:11:59.465Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "Samsung Mobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2023\u0026month=09"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "Samsung Mobile",
"cveId": "CVE-2023-30713",
"datePublished": "2023-09-06T03:11:59.465Z",
"dateReserved": "2023-04-14T01:59:51.136Z",
"dateUpdated": "2024-09-26T15:31:06.371Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-37368 (GCVE-0-2023-37368)
Vulnerability from cvelistv5 – Published: 2023-09-08 00:00 – Updated: 2024-09-26 18:16
VLAI?
EPSS
Summary
An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor, and Modem (Exynos Mobile Processor, Automotive Processor, and Modem - Exynos 9810, Exynos 9610, Exynos 9820, Exynos 980, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123). In the Shannon MM Task, Missing validation of a NULL pointer can cause abnormal termination via a malformed NR MM packet.
Severity ?
5.9 (Medium)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:09:34.196Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-37368",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-26T18:15:54.711271Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T18:16:06.387Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor, and Modem (Exynos Mobile Processor, Automotive Processor, and Modem - Exynos 9810, Exynos 9610, Exynos 9820, Exynos 980, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123). In the Shannon MM Task, Missing validation of a NULL pointer can cause abnormal termination via a malformed NR MM packet."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AC:H/AV:N/A:H/C:N/I:N/PR:N/S:U/UI:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-08T02:05:13.922904",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-37368",
"datePublished": "2023-09-08T00:00:00",
"dateReserved": "2023-06-30T00:00:00",
"dateUpdated": "2024-09-26T18:16:06.387Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-30708 (GCVE-0-2023-30708)
Vulnerability from cvelistv5 – Published: 2023-09-06 03:11 – Updated: 2024-09-26 15:27
VLAI?
EPSS
Summary
Improper authentication in SecSettings prior to SMR Sep-2023 Release 1 allows attacker to access Captive Portal Wi-Fi in Reactivation Lock status.
Severity ?
4.6 (Medium)
CWE
- CWE-287 - Improper Authentication
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Mobile Devices |
Unaffected:
SMR Sep-2023 Release in Android 11, 12, 13
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:37:15.564Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2023\u0026month=09"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-30708",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-26T15:10:18.364327Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T15:27:02.874Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Mobile Devices",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "SMR Sep-2023 Release in Android 11, 12, 13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper authentication in SecSettings prior to SMR Sep-2023 Release 1 allows attacker to access Captive Portal Wi-Fi in Reactivation Lock status."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-287: Improper Authentication",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-06T03:11:54.441Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "Samsung Mobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2023\u0026month=09"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "Samsung Mobile",
"cveId": "CVE-2023-30708",
"datePublished": "2023-09-06T03:11:54.441Z",
"dateReserved": "2023-04-14T01:59:51.130Z",
"dateUpdated": "2024-09-26T15:27:02.874Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-21626 (GCVE-0-2023-21626)
Vulnerability from cvelistv5 – Published: 2023-08-08 09:14 – Updated: 2024-10-24 18:59
VLAI?
EPSS
Summary
Cryptographic issue in HLOS due to improper authentication while performing key velocity checks using more than one key.
Severity ?
7.1 (High)
CWE
- CWE-320 - Key Management Errors
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Qualcomm, Inc. | Snapdragon |
Affected:
APQ8009
Affected: APQ8017 Affected: APQ8037 Affected: AQT1000 Affected: AR8035 Affected: CSRA6620 Affected: CSRA6640 Affected: CSRB31024 Affected: FSM10056 Affected: MDM8207 Affected: MDM9205 Affected: MDM9206 Affected: MDM9207 Affected: MDM9607 Affected: MDM9628 Affected: MSM8108 Affected: MSM8208 Affected: MSM8209 Affected: MSM8608 Affected: MSM8917 Affected: MSM8920 Affected: MSM8937 Affected: MSM8940 Affected: PM8937 Affected: QAM8295P Affected: QCA4004 Affected: QCA4020 Affected: QCA6174A Affected: QCA6310 Affected: QCA6320 Affected: QCA6335 Affected: QCA6390 Affected: QCA6391 Affected: QCA6420 Affected: QCA6421 Affected: QCA6426 Affected: QCA6430 Affected: QCA6431 Affected: QCA6436 Affected: QCA6564 Affected: QCA6564A Affected: QCA6564AU Affected: QCA6574 Affected: QCA6574A Affected: QCA6574AU Affected: QCA6595 Affected: QCA6595AU Affected: QCA6696 Affected: QCA8081 Affected: QCA8337 Affected: QCA9367 Affected: QCA9377 Affected: QCA9379 Affected: QCM2290 Affected: QCM4290 Affected: QCM6125 Affected: QCM6490 Affected: QCN7606 Affected: QCS2290 Affected: QCS405 Affected: QCS410 Affected: QCS4290 Affected: QCS603 Affected: QCS605 Affected: QCS610 Affected: QCS6125 Affected: QCS6490 Affected: QCS8155 Affected: QCX315 Affected: QSM8350 Affected: Qualcomm215 Affected: SA4150P Affected: SA4155P Affected: SA415M Affected: SA515M Affected: SA6145P Affected: SA6150P Affected: SA6155 Affected: SA6155P Affected: SA8145P Affected: SA8150P Affected: SA8155 Affected: SA8155P Affected: SA8195P Affected: SA8295P Affected: SA8540P Affected: SA9000P Affected: SC8180X+SDX55 Affected: SD 455 Affected: SD 636 Affected: SD 675 Affected: SD 8 Gen1 5G Affected: SD 8cx Gen2 Affected: SD 8cx Gen3 Affected: SD205 Affected: SD210 Affected: SD429 Affected: SD439 Affected: SD450 Affected: SD460 Affected: SD480 Affected: SD625 Affected: SD626 Affected: SD632 Affected: SD660 Affected: SD662 Affected: SD665 Affected: SD670 Affected: SD675 Affected: SD678 Affected: SD680 Affected: SD690 5G Affected: SD695 Affected: SD710 Affected: SD720G Affected: SD730 Affected: SD750G Affected: SD765 Affected: SD765G Affected: SD768G Affected: SD778G Affected: SD780G Affected: SD7c Affected: SD835 Affected: SD845 Affected: SD850 Affected: SD855 Affected: SD865 5G Affected: SD870 Affected: SD888 Affected: SD888 5G Affected: SDA429W Affected: SDM429W Affected: SDM630 Affected: SDX24 Affected: SDX50M Affected: SDX55 Affected: SDX55M Affected: SDX65 Affected: SDXR1 Affected: SDXR2 5G Affected: SM4125 Affected: SM4375 Affected: SM6250 Affected: SM6250P Affected: SM7250P Affected: SM7315 Affected: SM7325P Affected: SXR2150P Affected: WCD9306 Affected: WCD9326 Affected: WCD9330 Affected: WCD9335 Affected: WCD9340 Affected: WCD9341 Affected: WCD9360 Affected: WCD9370 Affected: WCD9371 Affected: WCD9375 Affected: WCD9380 Affected: WCD9385 Affected: WCN3610 Affected: WCN3615 Affected: WCN3620 Affected: WCN3660 Affected: WCN3660B Affected: WCN3680 Affected: WCN3680B Affected: WCN3910 Affected: WCN3950 Affected: WCN3980 Affected: WCN3988 Affected: WCN3990 Affected: WCN3991 Affected: WCN3998 Affected: WCN6740 Affected: WCN6750 Affected: WCN6850 Affected: WCN6851 Affected: WCN6855 Affected: WCN6856 Affected: WSA8810 Affected: WSA8815 Affected: WSA8830 Affected: WSA8835 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:44:01.518Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:h:qualcomm:snapdragon:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "snapdragon",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "APQ8009"
},
{
"status": "affected",
"version": "APQ8017"
},
{
"status": "affected",
"version": "APQ8037"
},
{
"status": "affected",
"version": "AQT1000"
},
{
"status": "affected",
"version": "AR8035"
},
{
"status": "affected",
"version": "CSRA6620"
},
{
"status": "affected",
"version": "CSRA6640"
},
{
"status": "affected",
"version": "CSRB31024"
},
{
"status": "affected",
"version": "FSM10056"
},
{
"status": "affected",
"version": "MDM8207"
},
{
"status": "affected",
"version": "MDM9205"
},
{
"status": "affected",
"version": "MDM9206"
},
{
"status": "affected",
"version": "MDM9207"
},
{
"status": "affected",
"version": "MDM9607"
},
{
"status": "affected",
"version": "MDM9628"
},
{
"status": "affected",
"version": "MSM8108"
},
{
"status": "affected",
"version": "MSM8208"
},
{
"status": "affected",
"version": "MSM8209"
},
{
"status": "affected",
"version": "MSM8608"
},
{
"status": "affected",
"version": "MSM8917"
},
{
"status": "affected",
"version": "MSM8920"
},
{
"status": "affected",
"version": "MSM8937"
},
{
"status": "affected",
"version": "MSM8940"
},
{
"status": "affected",
"version": "PM8937"
},
{
"status": "affected",
"version": "QAM8295P"
},
{
"status": "affected",
"version": "QCA4004"
},
{
"status": "affected",
"version": "QCA4020"
},
{
"status": "affected",
"version": "QCA6174A"
},
{
"status": "affected",
"version": "QCA6310"
},
{
"status": "affected",
"version": "QCA6320"
},
{
"status": "affected",
"version": "QCA6335"
},
{
"status": "affected",
"version": "QCA6390"
},
{
"status": "affected",
"version": "QCA6391"
},
{
"status": "affected",
"version": "QCA6420"
},
{
"status": "affected",
"version": "QCA6421"
},
{
"status": "affected",
"version": "QCA6426"
},
{
"status": "affected",
"version": "QCA6430"
},
{
"status": "affected",
"version": "QCA6431"
},
{
"status": "affected",
"version": "QCA6436"
},
{
"status": "affected",
"version": "QCA6564"
},
{
"status": "affected",
"version": "QCA6564A"
},
{
"status": "affected",
"version": "QCA6564AU"
},
{
"status": "affected",
"version": "QCA6574"
},
{
"status": "affected",
"version": "QCA6574A"
},
{
"status": "affected",
"version": "QCA6574AU"
},
{
"status": "affected",
"version": "QCA6595"
},
{
"status": "affected",
"version": "QCA6595AU"
},
{
"status": "affected",
"version": "QCA6696"
},
{
"status": "affected",
"version": "QCA8081"
},
{
"status": "affected",
"version": "QCA8337"
},
{
"status": "affected",
"version": "QCA9367"
},
{
"status": "affected",
"version": "QCA9377"
},
{
"status": "affected",
"version": "QCA9379"
},
{
"status": "affected",
"version": "QCM2290"
},
{
"status": "affected",
"version": "QCM4290"
},
{
"status": "affected",
"version": "QCM6125"
},
{
"status": "affected",
"version": "QCM6490"
},
{
"status": "affected",
"version": "QCN7606"
},
{
"status": "affected",
"version": "QCS2290"
},
{
"status": "affected",
"version": "QCS405"
},
{
"status": "affected",
"version": "QCS410"
},
{
"status": "affected",
"version": "QCS4290"
},
{
"status": "affected",
"version": "QCS603"
},
{
"status": "affected",
"version": "QCS605"
},
{
"status": "affected",
"version": "QCS610"
},
{
"status": "affected",
"version": "QCS6125"
},
{
"status": "affected",
"version": "QCS6490"
},
{
"status": "affected",
"version": "QCS8155"
},
{
"status": "affected",
"version": "QCX315"
},
{
"status": "affected",
"version": "QSM8350"
},
{
"status": "affected",
"version": "Qualcomm215"
},
{
"status": "affected",
"version": "SA4150P"
},
{
"status": "affected",
"version": "SA4155P"
},
{
"status": "affected",
"version": "SA415M"
},
{
"status": "affected",
"version": "SA515M"
},
{
"status": "affected",
"version": "SA6145P"
},
{
"status": "affected",
"version": "SA6150P"
},
{
"status": "affected",
"version": "SA6155"
},
{
"status": "affected",
"version": "SA6155P"
},
{
"status": "affected",
"version": "SA8145P"
},
{
"status": "affected",
"version": "SA8150P"
},
{
"status": "affected",
"version": "SA8155"
},
{
"status": "affected",
"version": "SA8155P"
},
{
"status": "affected",
"version": "SA8195P"
},
{
"status": "affected",
"version": "SA8295P"
},
{
"status": "affected",
"version": "SA8540P"
},
{
"status": "affected",
"version": "SA9000P"
},
{
"status": "affected",
"version": "SC8180X+SDX55"
},
{
"status": "affected",
"version": "SD 455"
},
{
"status": "affected",
"version": "SD 636"
},
{
"status": "affected",
"version": "SD 675"
},
{
"status": "affected",
"version": "SD 8 Gen1 5G"
},
{
"status": "affected",
"version": "SD 8cx Gen2"
},
{
"status": "affected",
"version": "SD 8cx Gen3"
},
{
"status": "affected",
"version": "SD205"
},
{
"status": "affected",
"version": "SD210"
},
{
"status": "affected",
"version": "SD429"
},
{
"status": "affected",
"version": "SD439"
},
{
"status": "affected",
"version": "SD450"
},
{
"status": "affected",
"version": "SD460"
},
{
"status": "affected",
"version": "SD480"
},
{
"status": "affected",
"version": "SD625"
},
{
"status": "affected",
"version": "SD626"
},
{
"status": "affected",
"version": "SD632"
},
{
"status": "affected",
"version": "SD660"
},
{
"status": "affected",
"version": "SD662"
},
{
"status": "affected",
"version": "SD665"
},
{
"status": "affected",
"version": "SD670"
},
{
"status": "affected",
"version": "SD675"
},
{
"status": "affected",
"version": "SD678"
},
{
"status": "affected",
"version": "SD680"
},
{
"status": "affected",
"version": "SD690 5G"
},
{
"status": "affected",
"version": "SD695"
},
{
"status": "affected",
"version": "SD710"
},
{
"status": "affected",
"version": "SD720G"
},
{
"status": "affected",
"version": "SD730"
},
{
"status": "affected",
"version": "SD750G"
},
{
"status": "affected",
"version": "SD765"
},
{
"status": "affected",
"version": "SD765G"
},
{
"status": "affected",
"version": "SD768G"
},
{
"status": "affected",
"version": "SD778G"
},
{
"status": "affected",
"version": "SD780G"
},
{
"status": "affected",
"version": "SD7c"
},
{
"status": "affected",
"version": "SD835"
},
{
"status": "affected",
"version": "SD845"
},
{
"status": "affected",
"version": "SD850"
},
{
"status": "affected",
"version": "SD855"
},
{
"status": "affected",
"version": "SD865 5G"
},
{
"status": "affected",
"version": "SD870"
},
{
"status": "affected",
"version": "SD888"
},
{
"status": "affected",
"version": "SD888 5G"
},
{
"status": "affected",
"version": "SDA429W"
},
{
"status": "affected",
"version": "SDM429W"
},
{
"status": "affected",
"version": "SDM630"
},
{
"status": "affected",
"version": "SDX24"
},
{
"status": "affected",
"version": "SDX50M"
},
{
"status": "affected",
"version": "SDX55"
},
{
"status": "affected",
"version": "SDX55M"
},
{
"status": "affected",
"version": "SDX65"
},
{
"status": "affected",
"version": "SDXR1"
},
{
"status": "affected",
"version": "SDXR2 5G"
},
{
"status": "affected",
"version": "SM4125"
},
{
"status": "affected",
"version": "SM4375"
},
{
"status": "affected",
"version": "SM6250"
},
{
"status": "affected",
"version": "SM6250P"
},
{
"status": "affected",
"version": "SM7250P"
},
{
"status": "affected",
"version": "SM7315"
},
{
"status": "affected",
"version": "SM7325P"
},
{
"status": "affected",
"version": "SXR2150P"
},
{
"status": "affected",
"version": "WCD9306"
},
{
"status": "affected",
"version": "WCD9326"
},
{
"status": "affected",
"version": "WCD9330"
},
{
"status": "affected",
"version": "WCD9335"
},
{
"status": "affected",
"version": "WCD9340"
},
{
"status": "affected",
"version": "WCD9341"
},
{
"status": "affected",
"version": "WCD9360"
},
{
"status": "affected",
"version": "WCD9370"
},
{
"status": "affected",
"version": "WCD9371"
},
{
"status": "affected",
"version": "WCD9375"
},
{
"status": "affected",
"version": "WCD9380"
},
{
"status": "affected",
"version": "WCD9385"
},
{
"status": "affected",
"version": "WCN3610"
},
{
"status": "affected",
"version": "WCN3615"
},
{
"status": "affected",
"version": "WCN3620"
},
{
"status": "affected",
"version": "WCN3660"
},
{
"status": "affected",
"version": "WCN3660B"
},
{
"status": "affected",
"version": "WCN3680"
},
{
"status": "affected",
"version": "WCN3680B"
},
{
"status": "affected",
"version": "WCN3910"
},
{
"status": "affected",
"version": "WCN3950"
},
{
"status": "affected",
"version": "WCN3980"
},
{
"status": "affected",
"version": "WCN3988"
},
{
"status": "affected",
"version": "WCN3990"
},
{
"status": "affected",
"version": "WCN3991"
},
{
"status": "affected",
"version": "WCN3998"
},
{
"status": "affected",
"version": "WCN6740"
},
{
"status": "affected",
"version": "WCN6750"
},
{
"status": "affected",
"version": "WCN6850"
},
{
"status": "affected",
"version": "WCN6851"
},
{
"status": "affected",
"version": "WCN6855"
},
{
"status": "affected",
"version": "WCN6856"
},
{
"status": "affected",
"version": "WSA8810"
},
{
"status": "affected",
"version": "WSA8815"
},
{
"status": "affected",
"version": "WSA8830"
},
{
"status": "affected",
"version": "WSA8835"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-21626",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-24T18:51:18.709645Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-24T18:59:08.395Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Snapdragon Auto",
"Snapdragon Compute",
"Snapdragon Connectivity",
"Snapdragon Consumer IOT",
"Snapdragon Industrial IOT",
"Snapdragon IoT",
"Snapdragon Mobile",
"Snapdragon Voice \u0026 Music",
"Snapdragon Wearables"
],
"product": "Snapdragon",
"vendor": "Qualcomm, Inc.",
"versions": [
{
"status": "affected",
"version": "APQ8009"
},
{
"status": "affected",
"version": "APQ8017"
},
{
"status": "affected",
"version": "APQ8037"
},
{
"status": "affected",
"version": "AQT1000"
},
{
"status": "affected",
"version": "AR8035"
},
{
"status": "affected",
"version": "CSRA6620"
},
{
"status": "affected",
"version": "CSRA6640"
},
{
"status": "affected",
"version": "CSRB31024"
},
{
"status": "affected",
"version": "FSM10056"
},
{
"status": "affected",
"version": "MDM8207"
},
{
"status": "affected",
"version": "MDM9205"
},
{
"status": "affected",
"version": "MDM9206"
},
{
"status": "affected",
"version": "MDM9207"
},
{
"status": "affected",
"version": "MDM9607"
},
{
"status": "affected",
"version": "MDM9628"
},
{
"status": "affected",
"version": "MSM8108"
},
{
"status": "affected",
"version": "MSM8208"
},
{
"status": "affected",
"version": "MSM8209"
},
{
"status": "affected",
"version": "MSM8608"
},
{
"status": "affected",
"version": "MSM8917"
},
{
"status": "affected",
"version": "MSM8920"
},
{
"status": "affected",
"version": "MSM8937"
},
{
"status": "affected",
"version": "MSM8940"
},
{
"status": "affected",
"version": "PM8937"
},
{
"status": "affected",
"version": "QAM8295P"
},
{
"status": "affected",
"version": "QCA4004"
},
{
"status": "affected",
"version": "QCA4020"
},
{
"status": "affected",
"version": "QCA6174A"
},
{
"status": "affected",
"version": "QCA6310"
},
{
"status": "affected",
"version": "QCA6320"
},
{
"status": "affected",
"version": "QCA6335"
},
{
"status": "affected",
"version": "QCA6390"
},
{
"status": "affected",
"version": "QCA6391"
},
{
"status": "affected",
"version": "QCA6420"
},
{
"status": "affected",
"version": "QCA6421"
},
{
"status": "affected",
"version": "QCA6426"
},
{
"status": "affected",
"version": "QCA6430"
},
{
"status": "affected",
"version": "QCA6431"
},
{
"status": "affected",
"version": "QCA6436"
},
{
"status": "affected",
"version": "QCA6564"
},
{
"status": "affected",
"version": "QCA6564A"
},
{
"status": "affected",
"version": "QCA6564AU"
},
{
"status": "affected",
"version": "QCA6574"
},
{
"status": "affected",
"version": "QCA6574A"
},
{
"status": "affected",
"version": "QCA6574AU"
},
{
"status": "affected",
"version": "QCA6595"
},
{
"status": "affected",
"version": "QCA6595AU"
},
{
"status": "affected",
"version": "QCA6696"
},
{
"status": "affected",
"version": "QCA8081"
},
{
"status": "affected",
"version": "QCA8337"
},
{
"status": "affected",
"version": "QCA9367"
},
{
"status": "affected",
"version": "QCA9377"
},
{
"status": "affected",
"version": "QCA9379"
},
{
"status": "affected",
"version": "QCM2290"
},
{
"status": "affected",
"version": "QCM4290"
},
{
"status": "affected",
"version": "QCM6125"
},
{
"status": "affected",
"version": "QCM6490"
},
{
"status": "affected",
"version": "QCN7606"
},
{
"status": "affected",
"version": "QCS2290"
},
{
"status": "affected",
"version": "QCS405"
},
{
"status": "affected",
"version": "QCS410"
},
{
"status": "affected",
"version": "QCS4290"
},
{
"status": "affected",
"version": "QCS603"
},
{
"status": "affected",
"version": "QCS605"
},
{
"status": "affected",
"version": "QCS610"
},
{
"status": "affected",
"version": "QCS6125"
},
{
"status": "affected",
"version": "QCS6490"
},
{
"status": "affected",
"version": "QCS8155"
},
{
"status": "affected",
"version": "QCX315"
},
{
"status": "affected",
"version": "QSM8350"
},
{
"status": "affected",
"version": "Qualcomm215"
},
{
"status": "affected",
"version": "SA4150P"
},
{
"status": "affected",
"version": "SA4155P"
},
{
"status": "affected",
"version": "SA415M"
},
{
"status": "affected",
"version": "SA515M"
},
{
"status": "affected",
"version": "SA6145P"
},
{
"status": "affected",
"version": "SA6150P"
},
{
"status": "affected",
"version": "SA6155"
},
{
"status": "affected",
"version": "SA6155P"
},
{
"status": "affected",
"version": "SA8145P"
},
{
"status": "affected",
"version": "SA8150P"
},
{
"status": "affected",
"version": "SA8155"
},
{
"status": "affected",
"version": "SA8155P"
},
{
"status": "affected",
"version": "SA8195P"
},
{
"status": "affected",
"version": "SA8295P"
},
{
"status": "affected",
"version": "SA8540P"
},
{
"status": "affected",
"version": "SA9000P"
},
{
"status": "affected",
"version": "SC8180X+SDX55"
},
{
"status": "affected",
"version": "SD 455"
},
{
"status": "affected",
"version": "SD 636"
},
{
"status": "affected",
"version": "SD 675"
},
{
"status": "affected",
"version": "SD 8 Gen1 5G"
},
{
"status": "affected",
"version": "SD 8cx Gen2"
},
{
"status": "affected",
"version": "SD 8cx Gen3"
},
{
"status": "affected",
"version": "SD205"
},
{
"status": "affected",
"version": "SD210"
},
{
"status": "affected",
"version": "SD429"
},
{
"status": "affected",
"version": "SD439"
},
{
"status": "affected",
"version": "SD450"
},
{
"status": "affected",
"version": "SD460"
},
{
"status": "affected",
"version": "SD480"
},
{
"status": "affected",
"version": "SD625"
},
{
"status": "affected",
"version": "SD626"
},
{
"status": "affected",
"version": "SD632"
},
{
"status": "affected",
"version": "SD660"
},
{
"status": "affected",
"version": "SD662"
},
{
"status": "affected",
"version": "SD665"
},
{
"status": "affected",
"version": "SD670"
},
{
"status": "affected",
"version": "SD675"
},
{
"status": "affected",
"version": "SD678"
},
{
"status": "affected",
"version": "SD680"
},
{
"status": "affected",
"version": "SD690 5G"
},
{
"status": "affected",
"version": "SD695"
},
{
"status": "affected",
"version": "SD710"
},
{
"status": "affected",
"version": "SD720G"
},
{
"status": "affected",
"version": "SD730"
},
{
"status": "affected",
"version": "SD750G"
},
{
"status": "affected",
"version": "SD765"
},
{
"status": "affected",
"version": "SD765G"
},
{
"status": "affected",
"version": "SD768G"
},
{
"status": "affected",
"version": "SD778G"
},
{
"status": "affected",
"version": "SD780G"
},
{
"status": "affected",
"version": "SD7c"
},
{
"status": "affected",
"version": "SD835"
},
{
"status": "affected",
"version": "SD845"
},
{
"status": "affected",
"version": "SD850"
},
{
"status": "affected",
"version": "SD855"
},
{
"status": "affected",
"version": "SD865 5G"
},
{
"status": "affected",
"version": "SD870"
},
{
"status": "affected",
"version": "SD888"
},
{
"status": "affected",
"version": "SD888 5G"
},
{
"status": "affected",
"version": "SDA429W"
},
{
"status": "affected",
"version": "SDM429W"
},
{
"status": "affected",
"version": "SDM630"
},
{
"status": "affected",
"version": "SDX24"
},
{
"status": "affected",
"version": "SDX50M"
},
{
"status": "affected",
"version": "SDX55"
},
{
"status": "affected",
"version": "SDX55M"
},
{
"status": "affected",
"version": "SDX65"
},
{
"status": "affected",
"version": "SDXR1"
},
{
"status": "affected",
"version": "SDXR2 5G"
},
{
"status": "affected",
"version": "SM4125"
},
{
"status": "affected",
"version": "SM4375"
},
{
"status": "affected",
"version": "SM6250"
},
{
"status": "affected",
"version": "SM6250P"
},
{
"status": "affected",
"version": "SM7250P"
},
{
"status": "affected",
"version": "SM7315"
},
{
"status": "affected",
"version": "SM7325P"
},
{
"status": "affected",
"version": "SXR2150P"
},
{
"status": "affected",
"version": "WCD9306"
},
{
"status": "affected",
"version": "WCD9326"
},
{
"status": "affected",
"version": "WCD9330"
},
{
"status": "affected",
"version": "WCD9335"
},
{
"status": "affected",
"version": "WCD9340"
},
{
"status": "affected",
"version": "WCD9341"
},
{
"status": "affected",
"version": "WCD9360"
},
{
"status": "affected",
"version": "WCD9370"
},
{
"status": "affected",
"version": "WCD9371"
},
{
"status": "affected",
"version": "WCD9375"
},
{
"status": "affected",
"version": "WCD9380"
},
{
"status": "affected",
"version": "WCD9385"
},
{
"status": "affected",
"version": "WCN3610"
},
{
"status": "affected",
"version": "WCN3615"
},
{
"status": "affected",
"version": "WCN3620"
},
{
"status": "affected",
"version": "WCN3660"
},
{
"status": "affected",
"version": "WCN3660B"
},
{
"status": "affected",
"version": "WCN3680"
},
{
"status": "affected",
"version": "WCN3680B"
},
{
"status": "affected",
"version": "WCN3910"
},
{
"status": "affected",
"version": "WCN3950"
},
{
"status": "affected",
"version": "WCN3980"
},
{
"status": "affected",
"version": "WCN3988"
},
{
"status": "affected",
"version": "WCN3990"
},
{
"status": "affected",
"version": "WCN3991"
},
{
"status": "affected",
"version": "WCN3998"
},
{
"status": "affected",
"version": "WCN6740"
},
{
"status": "affected",
"version": "WCN6750"
},
{
"status": "affected",
"version": "WCN6850"
},
{
"status": "affected",
"version": "WCN6851"
},
{
"status": "affected",
"version": "WCN6855"
},
{
"status": "affected",
"version": "WCN6856"
},
{
"status": "affected",
"version": "WSA8810"
},
{
"status": "affected",
"version": "WSA8815"
},
{
"status": "affected",
"version": "WSA8830"
},
{
"status": "affected",
"version": "WSA8835"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cryptographic issue in HLOS due to improper authentication while performing key velocity checks using more than one key."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-320",
"description": "CWE-320 Key Management Errors",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-12T16:23:26.915Z",
"orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"shortName": "qualcomm"
},
"references": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin"
}
],
"title": "Improper Authentication in HLOS."
}
},
"cveMetadata": {
"assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"assignerShortName": "qualcomm",
"cveId": "CVE-2023-21626",
"datePublished": "2023-08-08T09:14:50.487Z",
"dateReserved": "2022-12-07T02:58:25.864Z",
"dateUpdated": "2024-10-24T18:59:08.395Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-30711 (GCVE-0-2023-30711)
Vulnerability from cvelistv5 – Published: 2023-09-06 03:11 – Updated: 2024-09-26 15:32
VLAI?
EPSS
Summary
Improper authentication in Phone and Messaging Storage SMR SEP-2023 Release 1 allows attacker to insert arbitrary data to the provider.
Severity ?
4 (Medium)
CWE
- CWE-287 - Improper Authentication
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Mobile Devices |
Unaffected:
SMR Sep-2023 Release in Android 11, 12, 13
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:37:15.130Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2023\u0026month=09"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-30711",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-26T15:06:24.700603Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T15:32:33.325Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Mobile Devices",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "SMR Sep-2023 Release in Android 11, 12, 13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper authentication in Phone and Messaging Storage SMR SEP-2023 Release 1 allows attacker to insert arbitrary data to the provider."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-287: Improper Authentication",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-06T03:11:57.479Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "Samsung Mobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2023\u0026month=09"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "Samsung Mobile",
"cveId": "CVE-2023-30711",
"datePublished": "2023-09-06T03:11:57.479Z",
"dateReserved": "2023-04-14T01:59:51.136Z",
"dateUpdated": "2024-09-26T15:32:33.325Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-21118 (GCVE-0-2023-21118)
Vulnerability from cvelistv5 – Published: 2023-05-15 00:00 – Updated: 2025-01-31 13:41
VLAI?
EPSS
Summary
In unflattenString8 of Sensor.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-269014004
Severity ?
6.2 (Medium)
CWE
- Information disclosure
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:28:26.107Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2023-05-01"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-21118",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-23T20:19:12.912076Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-31T13:41:15.263Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Android",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Android-11 Android-12 Android-12L Android-13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In unflattenString8 of Sensor.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-269014004"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-15T00:00:00.000Z",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"url": "https://source.android.com/security/bulletin/2023-05-01"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2023-21118",
"datePublished": "2023-05-15T00:00:00.000Z",
"dateReserved": "2022-11-03T00:00:00.000Z",
"dateUpdated": "2025-01-31T13:41:15.263Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-30721 (GCVE-0-2023-30721)
Vulnerability from cvelistv5 – Published: 2023-09-06 03:12 – Updated: 2024-09-26 15:25
VLAI?
EPSS
Summary
Insertion of sensitive information into log vulnerability in Locksettings prior to SMR Sep-2023 Release 1 allows a privileged local attacker to get lock screen match information from the log.
Severity ?
4.4 (Medium)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Mobile Devices |
Unaffected:
SMR Sep-2023 Release in Android 11, 12, 13
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:37:14.872Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2023\u0026month=09"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-30721",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-26T14:57:04.216557Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T15:25:23.654Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Mobile Devices",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "SMR Sep-2023 Release in Android 11, 12, 13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Insertion of sensitive information into log vulnerability in Locksettings prior to SMR Sep-2023 Release 1 allows a privileged local attacker to get lock screen match information from the log."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-532 Insertion of Sensitive Information into Log File",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-06T03:12:08.181Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "Samsung Mobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2023\u0026month=09"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "Samsung Mobile",
"cveId": "CVE-2023-30721",
"datePublished": "2023-09-06T03:12:08.181Z",
"dateReserved": "2023-04-14T01:59:51.137Z",
"dateUpdated": "2024-09-26T15:25:23.654Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-30706 (GCVE-0-2023-30706)
Vulnerability from cvelistv5 – Published: 2023-09-06 03:11 – Updated: 2024-09-26 20:45
VLAI?
EPSS
Summary
Improper authorization in Samsung Keyboard prior to SMR Sep-2023 Release 1 allows attacker to read arbitrary file with system privilege.
Severity ?
7.5 (High)
CWE
- CWE-285 - Improper Authorization
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Mobile Devices |
Unaffected:
SMR Sep-2023 Release in Android 12
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:37:14.969Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2023\u0026month=09"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-30706",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-26T20:45:27.541993Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T20:45:42.822Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Mobile Devices",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "SMR Sep-2023 Release in Android 12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper authorization in Samsung Keyboard prior to SMR Sep-2023 Release 1 allows attacker to read arbitrary file with system privilege."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-285: Improper Authorization",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-06T03:11:52.376Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "Samsung Mobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2023\u0026month=09"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "Samsung Mobile",
"cveId": "CVE-2023-30706",
"datePublished": "2023-09-06T03:11:52.376Z",
"dateReserved": "2023-04-14T01:59:51.129Z",
"dateUpdated": "2024-09-26T20:45:42.822Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-35671 (GCVE-0-2023-35671)
Vulnerability from cvelistv5 – Published: 2023-09-11 20:09 – Updated: 2024-09-26 14:34
VLAI?
EPSS
Summary
In onHostEmulationData of HostEmulationManager.java, there is a possible way for a general purpose NFC reader to read the full card number and expiry details when the device is in locked screen mode due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity ?
No CVSS data available.
CWE
- Information disclosure
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:30:43.985Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://android.googlesource.com/platform/packages/apps/Nfc/+/745632835f3d97513a9c2a96e56e1dc06c4e4176"
},
{
"tags": [
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2023-09-01"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:google:android:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "android",
"vendor": "google",
"versions": [
{
"status": "affected",
"version": "11"
},
{
"status": "affected",
"version": "12"
},
{
"status": "affected",
"version": "12l"
},
{
"status": "affected",
"version": "13"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-35671",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-26T14:20:23.873620Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T14:34:53.613Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Android",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "13"
},
{
"status": "affected",
"version": "12L"
},
{
"status": "affected",
"version": "12"
},
{
"status": "affected",
"version": "11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In onHostEmulationData of HostEmulationManager.java, there is a possible way for a general purpose NFC reader to read the full card number and expiry details when the device is in locked screen mode due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information disclosure",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-11T20:16:41.672Z",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"url": "https://android.googlesource.com/platform/packages/apps/Nfc/+/745632835f3d97513a9c2a96e56e1dc06c4e4176"
},
{
"url": "https://source.android.com/security/bulletin/2023-09-01"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2023-35671",
"datePublished": "2023-09-11T20:09:53.198Z",
"dateReserved": "2023-06-15T02:50:29.819Z",
"dateUpdated": "2024-09-26T14:34:53.613Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-30715 (GCVE-0-2023-30715)
Vulnerability from cvelistv5 – Published: 2023-09-06 03:12 – Updated: 2024-09-26 15:30
VLAI?
EPSS
Summary
Improper access control vulnerability in Weather prior to SMR Sep-2023 Release 1 allows attackers to access location information set in Weather without permission.
Severity ?
4 (Medium)
CWE
- CWE-284 - Improper Access Control
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Mobile Devices |
Unaffected:
SMR Sep-2023 Release in Android 11, 12, 13
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:37:14.598Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2023\u0026month=09"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-30715",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-26T15:02:58.944660Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T15:30:01.225Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Mobile Devices",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "SMR Sep-2023 Release in Android 11, 12, 13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper access control vulnerability in Weather prior to SMR Sep-2023 Release 1 allows attackers to access location information set in Weather without permission."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-284: Improper Access Control",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-06T03:12:01.797Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "Samsung Mobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2023\u0026month=09"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "Samsung Mobile",
"cveId": "CVE-2023-30715",
"datePublished": "2023-09-06T03:12:01.797Z",
"dateReserved": "2023-04-14T01:59:51.136Z",
"dateUpdated": "2024-09-26T15:30:01.225Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-30717 (GCVE-0-2023-30717)
Vulnerability from cvelistv5 – Published: 2023-09-06 03:12 – Updated: 2024-09-26 15:26
VLAI?
EPSS
Summary
Sensitive information exposure vulnerability in SVCAgent prior to SMR Sep-2023 Release 1 allows attackers to get unresettable identifiers.
Severity ?
4 (Medium)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Mobile Devices |
Unaffected:
SMR Sep-2023 Release in Android 11, 12, 13
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:37:14.709Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2023\u0026month=09"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-30717",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-26T15:02:46.260302Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T15:26:25.466Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Mobile Devices",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "SMR Sep-2023 Release in Android 11, 12, 13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Sensitive information exposure vulnerability in SVCAgent prior to SMR Sep-2023 Release 1 allows attackers to get unresettable identifiers."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-269 Improper Privilege Management",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-06T03:12:03.892Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "Samsung Mobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2023\u0026month=09"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "Samsung Mobile",
"cveId": "CVE-2023-30717",
"datePublished": "2023-09-06T03:12:03.892Z",
"dateReserved": "2023-04-14T01:59:51.136Z",
"dateUpdated": "2024-09-26T15:26:25.466Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-35679 (GCVE-0-2023-35679)
Vulnerability from cvelistv5 – Published: 2023-09-11 20:09 – Updated: 2024-09-26 15:45
VLAI?
EPSS
Summary
In MtpPropertyValue of MtpProperty.h, there is a possible out of bounds read due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.
Severity ?
No CVSS data available.
CWE
- Information disclosure
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:30:44.354Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://android.googlesource.com/platform/frameworks/av/+/ea6131efa76a0b2a12724ffd157909e2c6fb4036"
},
{
"tags": [
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2023-09-01"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-35679",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-26T15:45:10.737790Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T15:45:20.974Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Android",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "13"
},
{
"status": "affected",
"version": "12L"
},
{
"status": "affected",
"version": "12"
},
{
"status": "affected",
"version": "11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In MtpPropertyValue of MtpProperty.h, there is a possible out of bounds read due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information disclosure",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-11T20:16:43.809Z",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"url": "https://android.googlesource.com/platform/frameworks/av/+/ea6131efa76a0b2a12724ffd157909e2c6fb4036"
},
{
"url": "https://source.android.com/security/bulletin/2023-09-01"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2023-35679",
"datePublished": "2023-09-11T20:09:54.343Z",
"dateReserved": "2023-06-15T02:50:31.872Z",
"dateUpdated": "2024-09-26T15:45:20.974Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-30709 (GCVE-0-2023-30709)
Vulnerability from cvelistv5 – Published: 2023-09-06 03:11 – Updated: 2024-09-26 15:26
VLAI?
EPSS
Summary
Improper access control in Dual Messenger prior to SMR Sep-2023 Release 1 allows local attackers launch activity with system privilege.
Severity ?
7.9 (High)
CWE
- CWE-284 - Improper Access Control
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Mobile Devices |
Unaffected:
SMR Sep-2023 Release in Android 11, 12, 13
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:37:15.107Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2023\u0026month=09"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-30709",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-26T15:10:10.916419Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T15:26:49.516Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Mobile Devices",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "SMR Sep-2023 Release in Android 11, 12, 13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper access control in Dual Messenger prior to SMR Sep-2023 Release 1 allows local attackers launch activity with system privilege."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.9,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-284: Improper Access Control",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-06T03:11:55.448Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "Samsung Mobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2023\u0026month=09"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "Samsung Mobile",
"cveId": "CVE-2023-30709",
"datePublished": "2023-09-06T03:11:55.448Z",
"dateReserved": "2023-04-14T01:59:51.135Z",
"dateUpdated": "2024-09-26T15:26:49.516Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-35675 (GCVE-0-2023-35675)
Vulnerability from cvelistv5 – Published: 2023-09-11 20:09 – Updated: 2024-09-26 14:30
VLAI?
EPSS
Summary
In loadMediaResumptionControls of MediaResumeListener.kt, there is a possible way to play and listen to media files played by another user on the same device due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity ?
No CVSS data available.
CWE
- Information disclosure
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:30:44.580Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://android.googlesource.com/platform/frameworks/base/+/c1cf4b9746c9641190730172522324ccd5b8c914"
},
{
"tags": [
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2023-09-01"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:google:android:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "android",
"vendor": "google",
"versions": [
{
"status": "affected",
"version": "11"
},
{
"status": "affected",
"version": "12"
},
{
"status": "affected",
"version": "12l"
},
{
"status": "affected",
"version": "13"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-35675",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-26T14:14:21.302181Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T14:30:04.570Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Android",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "13"
},
{
"status": "affected",
"version": "12L"
},
{
"status": "affected",
"version": "12"
},
{
"status": "affected",
"version": "11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In loadMediaResumptionControls of MediaResumeListener.kt, there is a possible way to play and listen to media files played by another user on the same device due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information disclosure",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-11T20:16:42.742Z",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"url": "https://android.googlesource.com/platform/frameworks/base/+/c1cf4b9746c9641190730172522324ccd5b8c914"
},
{
"url": "https://source.android.com/security/bulletin/2023-09-01"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2023-35675",
"datePublished": "2023-09-11T20:09:53.771Z",
"dateReserved": "2023-06-15T02:50:31.872Z",
"dateUpdated": "2024-09-26T14:30:04.570Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-30714 (GCVE-0-2023-30714)
Vulnerability from cvelistv5 – Published: 2023-09-06 03:12 – Updated: 2024-09-26 15:30
VLAI?
EPSS
Summary
Improper authorization vulnerability in FolderContainerDragDelegate in One UI Home prior to SMR Sep-2023 Release 1 allows physical attackers to change some settings of the folder lock.
Severity ?
4.6 (Medium)
CWE
- CWE-285 - Improper Authorization
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Mobile Devices |
Unaffected:
SMR Sep-2023 Release in Selected Android 11, 12, 13 devices
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:37:14.705Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2023\u0026month=09"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-30714",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-26T15:03:14.768389Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T15:30:49.580Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Mobile Devices",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "SMR Sep-2023 Release in Selected Android 11, 12, 13 devices"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper authorization vulnerability in FolderContainerDragDelegate in One UI Home prior to SMR Sep-2023 Release 1 allows physical attackers to change some settings of the folder lock."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-285: Improper Authorization",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-06T03:12:00.735Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "Samsung Mobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2023\u0026month=09"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "Samsung Mobile",
"cveId": "CVE-2023-30714",
"datePublished": "2023-09-06T03:12:00.735Z",
"dateReserved": "2023-04-14T01:59:51.136Z",
"dateUpdated": "2024-09-26T15:30:49.580Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-37377 (GCVE-0-2023-37377)
Vulnerability from cvelistv5 – Published: 2023-09-08 00:00 – Updated: 2024-09-26 18:12
VLAI?
EPSS
Summary
An issue was discovered in Samsung Exynos Mobile Processor and Wearable Processor (Exynos 980, Exynos 850, Exynos 2100, and Exynos W920). Improper handling of length parameter inconsistency can cause incorrect packet filtering.
Severity ?
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:09:34.221Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:samsung:mobile_processor_wearable_processor:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mobile_processor_wearable_processor",
"vendor": "samsung",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-37377",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-26T18:11:06.687223Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T18:12:57.503Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Samsung Exynos Mobile Processor and Wearable Processor (Exynos 980, Exynos 850, Exynos 2100, and Exynos W920). Improper handling of length parameter inconsistency can cause incorrect packet filtering."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 2,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AC:L/AV:L/A:L/C:N/I:N/PR:H/S:U/UI:R",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-08T02:05:22.871798",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-37377",
"datePublished": "2023-09-08T00:00:00",
"dateReserved": "2023-07-03T00:00:00",
"dateUpdated": "2024-09-26T18:12:57.503Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-30707 (GCVE-0-2023-30707)
Vulnerability from cvelistv5 – Published: 2023-09-06 03:11 – Updated: 2024-09-26 15:27
VLAI?
EPSS
Summary
Improper input validation vulnerability in FileProviderStatusReceiver in Samsung Keyboard prior to SMR Sep-2023 Release 1 allows local attackers to delete arbitrary files with Samsung Keyboard privilege.
Severity ?
4 (Medium)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Mobile Devices |
Unaffected:
SMR Sep-2023 Release in Android 12
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:37:14.134Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2023\u0026month=09"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-30707",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-26T15:10:26.796533Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T15:27:19.225Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Mobile Devices",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "SMR Sep-2023 Release in Android 12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper input validation vulnerability in FileProviderStatusReceiver in Samsung Keyboard prior to SMR Sep-2023 Release 1 allows local attackers to delete arbitrary files with Samsung Keyboard privilege."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-20: Improper Input Validation",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-06T03:11:53.437Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "Samsung Mobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2023\u0026month=09"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "Samsung Mobile",
"cveId": "CVE-2023-30707",
"datePublished": "2023-09-06T03:11:53.437Z",
"dateReserved": "2023-04-14T01:59:51.129Z",
"dateUpdated": "2024-09-26T15:27:19.225Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-35669 (GCVE-0-2023-35669)
Vulnerability from cvelistv5 – Published: 2023-09-11 20:09 – Updated: 2024-09-26 14:25
VLAI?
EPSS
Summary
In checkKeyIntentParceledCorrectly of AccountManagerService.java, there is a possible way to control other running activities due to unsafe deserialization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity ?
No CVSS data available.
CWE
- Elevation of privilege
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:30:44.426Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://android.googlesource.com/platform/frameworks/base/+/f810d81839af38ee121c446105ca67cb12992fc6"
},
{
"tags": [
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2023-09-01"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:google:android:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "android",
"vendor": "google",
"versions": [
{
"status": "affected",
"version": "11"
},
{
"status": "affected",
"version": "12"
},
{
"status": "affected",
"version": "12l"
},
{
"status": "affected",
"version": "13"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-35669",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-26T14:22:25.092966Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T14:25:51.263Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Android",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "13"
},
{
"status": "affected",
"version": "12L"
},
{
"status": "affected",
"version": "12"
},
{
"status": "affected",
"version": "11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In checkKeyIntentParceledCorrectly of AccountManagerService.java, there is a possible way to control other running activities due to unsafe deserialization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-11T20:16:40.959Z",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"url": "https://android.googlesource.com/platform/frameworks/base/+/f810d81839af38ee121c446105ca67cb12992fc6"
},
{
"url": "https://source.android.com/security/bulletin/2023-09-01"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2023-35669",
"datePublished": "2023-09-11T20:09:52.808Z",
"dateReserved": "2023-06-15T02:50:29.819Z",
"dateUpdated": "2024-09-26T14:25:51.263Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-35666 (GCVE-0-2023-35666)
Vulnerability from cvelistv5 – Published: 2023-09-11 20:09 – Updated: 2024-09-26 14:40
VLAI?
EPSS
Summary
In bta_av_rc_msg of bta_av_act.cc, there is a possible use after free due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity ?
No CVSS data available.
CWE
- Elevation of privilege
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:30:44.309Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/b7ea57f620436c83a9766f928437ddadaa232e3a"
},
{
"tags": [
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2023-09-01"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:google:android:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "android",
"vendor": "google",
"versions": [
{
"status": "affected",
"version": "11"
},
{
"status": "affected",
"version": "12"
},
{
"status": "affected",
"version": "12l"
},
{
"status": "affected",
"version": "13"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-35666",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-26T14:39:06.598682Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T14:40:39.522Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Android",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "13"
},
{
"status": "affected",
"version": "12L"
},
{
"status": "affected",
"version": "12"
},
{
"status": "affected",
"version": "11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In bta_av_rc_msg of bta_av_act.cc, there is a possible use after free due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-11T20:16:40.173Z",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"url": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/b7ea57f620436c83a9766f928437ddadaa232e3a"
},
{
"url": "https://source.android.com/security/bulletin/2023-09-01"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2023-35666",
"datePublished": "2023-09-11T20:09:52.427Z",
"dateReserved": "2023-06-15T02:50:29.819Z",
"dateUpdated": "2024-09-26T14:40:39.522Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-30720 (GCVE-0-2023-30720)
Vulnerability from cvelistv5 – Published: 2023-09-06 03:12 – Updated: 2024-09-26 15:25
VLAI?
EPSS
Summary
PendingIntent hijacking in LmsAssemblyTrackerCTC prior to SMR Sep-2023 Release 1 allows local attacker to gain arbitrary file access.
Severity ?
4.7 (Medium)
CWE
- CWE-284 - Improper Access Control
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Mobile Devices |
Unaffected:
SMR Sep-2023 Release in Android 11, 12, 13
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:37:14.607Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2023\u0026month=09"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-30720",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-26T14:58:42.916644Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T15:25:39.849Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Mobile Devices",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "SMR Sep-2023 Release in Android 11, 12, 13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "PendingIntent hijacking in LmsAssemblyTrackerCTC prior to SMR Sep-2023 Release 1 allows local attacker to gain arbitrary file access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-284: Improper Access Control",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-06T03:12:07.151Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "Samsung Mobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2023\u0026month=09"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "Samsung Mobile",
"cveId": "CVE-2023-30720",
"datePublished": "2023-09-06T03:12:07.151Z",
"dateReserved": "2023-04-14T01:59:51.137Z",
"dateUpdated": "2024-09-26T15:25:39.849Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-21135 (GCVE-0-2023-21135)
Vulnerability from cvelistv5 – Published: 2023-06-15 00:00 – Updated: 2024-12-18 18:34
VLAI?
EPSS
Summary
In onCreate of NotificationAccessSettings.java, there is a possible failure to persist notifications settings due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-260570119
Severity ?
No CVSS data available.
CWE
- Elevation of privilege
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:28:25.892Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2023-06-01"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-21135",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-18T18:33:20.272773Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-18T18:34:12.523Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Android",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Android-11 Android-12 Android-12L Android-13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In onCreate of NotificationAccessSettings.java, there is a possible failure to persist notifications settings due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-260570119"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-15T00:00:00",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"url": "https://source.android.com/security/bulletin/2023-06-01"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2023-21135",
"datePublished": "2023-06-15T00:00:00",
"dateReserved": "2022-11-03T00:00:00",
"dateUpdated": "2024-12-18T18:34:12.523Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-29374 (GCVE-0-2020-29374)
Vulnerability from cvelistv5 – Published: 2020-11-28 06:18 – Updated: 2024-08-04 16:48
VLAI?
EPSS
Summary
An issue was discovered in the Linux kernel before 5.7.3, related to mm/gup.c and mm/huge_memory.c. The get_user_pages (aka gup) implementation, when used for a copy-on-write page, does not properly consider the semantics of read operations and therefore can grant unintended write access, aka CID-17839856fd58.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T16:48:01.979Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=2045"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.7.3"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=17839856fd588f4ab6b789f482ed3ffd7c403e1f"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20210115-0002/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/162117/Kernel-Live-Patch-Security-Notice-LSN-0075-1.html"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html"
},
{
"name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html"
},
{
"name": "DSA-5096",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5096"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the Linux kernel before 5.7.3, related to mm/gup.c and mm/huge_memory.c. The get_user_pages (aka gup) implementation, when used for a copy-on-write page, does not properly consider the semantics of read operations and therefore can grant unintended write access, aka CID-17839856fd58."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-10T02:06:28",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=2045"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.7.3"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=17839856fd588f4ab6b789f482ed3ffd7c403e1f"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20210115-0002/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/162117/Kernel-Live-Patch-Security-Notice-LSN-0075-1.html"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html"
},
{
"name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html"
},
{
"name": "DSA-5096",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2022/dsa-5096"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-29374",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in the Linux kernel before 5.7.3, related to mm/gup.c and mm/huge_memory.c. The get_user_pages (aka gup) implementation, when used for a copy-on-write page, does not properly consider the semantics of read operations and therefore can grant unintended write access, aka CID-17839856fd58."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.chromium.org/p/project-zero/issues/detail?id=2045",
"refsource": "MISC",
"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=2045"
},
{
"name": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.7.3",
"refsource": "MISC",
"url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.7.3"
},
{
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=17839856fd588f4ab6b789f482ed3ffd7c403e1f",
"refsource": "MISC",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=17839856fd588f4ab6b789f482ed3ffd7c403e1f"
},
{
"name": "https://security.netapp.com/advisory/ntap-20210115-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20210115-0002/"
},
{
"name": "http://packetstormsecurity.com/files/162117/Kernel-Live-Patch-Security-Notice-LSN-0075-1.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/162117/Kernel-Live-Patch-Security-Notice-LSN-0075-1.html"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html"
},
{
"name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html"
},
{
"name": "DSA-5096",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2022/dsa-5096"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-29374",
"datePublished": "2020-11-28T06:18:56",
"dateReserved": "2020-11-28T00:00:00",
"dateUpdated": "2024-08-04T16:48:01.979Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-40510 (GCVE-0-2022-40510)
Vulnerability from cvelistv5 – Published: 2023-08-08 09:14 – Updated: 2024-08-03 12:21
VLAI?
EPSS
Summary
Memory corruption due to buffer copy without checking size of input in Audio while voice call with EVS vocoder.
Severity ?
9.8 (Critical)
CWE
- CWE-457 - Use of Uninitialized Variable
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Qualcomm, Inc. | Snapdragon |
Affected:
APQ8009
Affected: APQ8009W Affected: APQ8017 Affected: APQ8037 Affected: APQ8064AU Affected: APQ8076 Affected: APQ8096AU Affected: AQT1000 Affected: AR8031 Affected: AR8035 Affected: CSRA6620 Affected: CSRA6640 Affected: CSRB31024 Affected: MDM8207 Affected: MDM9150 Affected: MDM9206 Affected: MDM9207 Affected: MDM9250 Affected: MDM9607 Affected: MDM9628 Affected: MDM9640 Affected: MDM9650 Affected: MSM8108 Affected: MSM8208 Affected: MSM8209 Affected: MSM8608 Affected: MSM8909W Affected: MSM8917 Affected: MSM8920 Affected: MSM8937 Affected: MSM8940 Affected: MSM8996AU Affected: PM8937 Affected: QAM8295P Affected: QCA4020 Affected: QCA6174A Affected: QCA6310 Affected: QCA6320 Affected: QCA6335 Affected: QCA6390 Affected: QCA6391 Affected: QCA6420 Affected: QCA6421 Affected: QCA6426 Affected: QCA6430 Affected: QCA6431 Affected: QCA6436 Affected: QCA6564A Affected: QCA6564AU Affected: QCA6574 Affected: QCA6574A Affected: QCA6574AU Affected: QCA6584AU Affected: QCA6595 Affected: QCA6595AU Affected: QCA6696 Affected: QCA8081 Affected: QCA8337 Affected: QCA9367 Affected: QCA9377 Affected: QCA9379 Affected: QCA9984 Affected: QCC5100 Affected: QCM2290 Affected: QCM4290 Affected: QCM6125 Affected: QCM6490 Affected: QCN6024 Affected: QCN9011 Affected: QCN9012 Affected: QCN9024 Affected: QCN9074 Affected: QCS2290 Affected: QCS405 Affected: QCS410 Affected: QCS4290 Affected: QCS603 Affected: QCS605 Affected: QCS610 Affected: QCS6125 Affected: QCS6490 Affected: QCX315 Affected: QRB5165 Affected: QRB5165M Affected: QRB5165N Affected: QSM8250 Affected: Qualcomm215 Affected: SA415M Affected: SA515M Affected: SA6145P Affected: SA6155 Affected: SA6155P Affected: SA8150P Affected: SA8155 Affected: SA8155P Affected: SA8195P Affected: SA8295P Affected: SC8180X+SDX55 Affected: SD 455 Affected: SD 636 Affected: SD 675 Affected: SD 8 Gen1 5G Affected: SD 8CX Affected: SD 8cx Gen2 Affected: SD 8cx Gen3 Affected: SD205 Affected: SD210 Affected: SD429 Affected: SD439 Affected: SD450 Affected: SD460 Affected: SD480 Affected: SD625 Affected: SD626 Affected: SD632 Affected: SD660 Affected: SD662 Affected: SD665 Affected: SD670 Affected: SD675 Affected: SD678 Affected: SD680 Affected: SD690 5G Affected: SD695 Affected: SD710 Affected: SD712 Affected: SD720G Affected: SD730 Affected: SD750G Affected: SD765 Affected: SD765G Affected: SD768G Affected: SD778G Affected: SD780G Affected: SD7c Affected: SD820 Affected: SD835 Affected: SD845 Affected: SD850 Affected: SD855 Affected: SD865 5G Affected: SD870 Affected: SD888 5G Affected: SDA429W Affected: SDM429W Affected: SDM630 Affected: SDW2500 Affected: SDX12 Affected: SDX20 Affected: SDX24 Affected: SDX50M Affected: SDX55 Affected: SDX55M Affected: SDX65 Affected: SDXR1 Affected: SDXR2 5G Affected: SM4125 Affected: SM4375 Affected: SM6250 Affected: SM6250P Affected: SM7250P Affected: SM7325P Affected: SW5100 Affected: SW5100P Affected: SXR2150P Affected: WCD9306 Affected: WCD9326 Affected: WCD9330 Affected: WCD9335 Affected: WCD9340 Affected: WCD9341 Affected: WCD9360 Affected: WCD9370 Affected: WCD9371 Affected: WCD9375 Affected: WCD9380 Affected: WCD9385 Affected: WCN3610 Affected: WCN3615 Affected: WCN3620 Affected: WCN3660 Affected: WCN3660B Affected: WCN3680 Affected: WCN3680B Affected: WCN3910 Affected: WCN3950 Affected: WCN3980 Affected: WCN3988 Affected: WCN3990 Affected: WCN3991 Affected: WCN3998 Affected: WCN3999 Affected: WCN6740 Affected: WCN6750 Affected: WCN6850 Affected: WCN6851 Affected: WCN6855 Affected: WCN6856 Affected: WCN7850 Affected: WCN7851 Affected: WSA8810 Affected: WSA8815 Affected: WSA8830 Affected: WSA8835 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:qualcomm:apq8009_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "apq8009_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:apq8009w_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "apq8009w_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:apq8017_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "apq8017_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:apq8037_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "apq8037_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:apq8064au_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "apq8064au_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:apq8076_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "apq8076_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:apq8096au_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "apq8096au_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:aqt1000_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "aqt1000_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:ar8031_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ar8031_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:ar8035_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ar8035_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:csra6620_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "csra6620_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:csra6640_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "csra6640_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:csrb31024_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "csrb31024_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:mdm8207_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mdm8207_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:mdm9150_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mdm9150_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:mdm9206_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mdm9206_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:mdm9207_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mdm9207_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:mdm9250_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mdm9250_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:mdm9607_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mdm9607_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:mdm9628_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mdm9628_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:mdm9640_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mdm9640_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:mdm9650_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mdm9650_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:msm8108_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "msm8108_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:msm8208_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "msm8208_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:msm8209_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "msm8209_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:msm8608_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "msm8608_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:msm8909w_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "msm8909w_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:msm8917_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "msm8917_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:msm8920_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "msm8920_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:msm8937_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "msm8937_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:msm8940_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "msm8940_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:msm8996au_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "msm8996au_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:pm8937_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "pm8937_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:qam8295p_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qam8295p_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:qca4020_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qca4020_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:qca6174a_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qca6174a_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:qca6310_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qca6310_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:qca6320_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qca6320_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:qca6335_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qca6335_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:qca6390_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qca6390_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qca6391_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:qca6420_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qca6420_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:qca6421_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qca6421_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:qca6426_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qca6426_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:qca6430_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qca6430_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:qca6431_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qca6431_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:qca6436_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qca6436_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:qca6564a_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qca6564a_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:qca6564au_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qca6564au_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:qca6574_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qca6574_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:qca6574a_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qca6574a_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qca6574au_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:qca6584au_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qca6584au_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:qca6595_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qca6595_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qca6595au_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qca6696_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:qca8081_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qca8081_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:qca8337_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qca8337_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:qca9367_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qca9367_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:qca9377_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qca9377_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:qca9379_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qca9379_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:qca9984_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qca9984_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:qcc5100_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qcc5100_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:qcm2290_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qcm2290_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:qcm4290_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qcm4290_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:qcm6125_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qcm6125_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:qcm6490_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qcm6490_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:qcn6024_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qcn6024_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:qcn9011_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qcn9011_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:qcn9012_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qcn9012_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:qcn9024_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qcn9024_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:qcn9074_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qcn9074_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:qcs2290_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qcs2290_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:qcs405_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qcs405_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:qcs410_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qcs410_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:qcs4290_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qcs4290_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:qcs603_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qcs603_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:qcs605_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qcs605_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:qcs610_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qcs610_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:qcs6125_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qcs6125_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:qcs6490_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qcs6490_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:qcx315_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qcx315_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:qrb5165_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qrb5165_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:qrb5165m_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qrb5165m_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:qrb5165n_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qrb5165n_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:qsm8250_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qsm8250_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:qualcomm215_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qualcomm215_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sa415m_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sa415m_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sa515m_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sa515m_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sa6145p_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sa6145p_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sa6155_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sa6155_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sa6155p_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sa6155p_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sa8150p_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sa8150p_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sa8155_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sa8155_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sa8155p_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sa8155p_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sa8195p_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sa8195p_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sa8295p_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sa8295p_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sd_455_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sd_455_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sd_636_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sd_636_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sd_675_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sd_675_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sd_8_gen1_5g_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sd_8_gen1_5g_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sd_8cx_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sd_8cx_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sd_8cx_gen2_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sd_8cx_gen2_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sd_8cx_gen3_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sd_8cx_gen3_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sd205_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sd205_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sd210_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sd210_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sd429_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sd429_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sd439_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sd439_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sd450_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sd450_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sd460_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sd460_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sd480_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sd480_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sd625_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sd625_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sd626_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sd626_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sd632_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sd632_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sd660_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sd660_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sd662_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sd662_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sd665_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sd665_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sd670_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sd670_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sd675_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sd675_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sd678_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sd678_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sd680_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sd680_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sd690_5g_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sd690_5g_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sd695_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sd695_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sd710_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sd710_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sd712_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sd712_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sd720g_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sd720g_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sd730_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sd730_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sd750g_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sd750g_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sd765_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sd765_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sd765g_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sd765g_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sd768g_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sd768g_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sd778g_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sd778g_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sd780g_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sd780g_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sd7c_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sd7c_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sd820_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sd820_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sd835_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sd835_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sd845_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sd845_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sd850_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sd850_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sd855_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sd855_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sd865_5g_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sd865_5g_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sd870_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sd870_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sd888_5g_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sd888_5g_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sda429w_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sda429w_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sdm429w_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sdm429w_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sdm630_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sdm630_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sdw2500_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sdw2500_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sdx12_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sdx12_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sdx20_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sdx20_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sdx24_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sdx24_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sdx50m_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sdx50m_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sdx55_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sdx55_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sdx55m_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sdx55m_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sdx65_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sdx65_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sdxr1_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sdxr1_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sdxr2_5g_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sdxr2_5g_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sm4125_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sm4125_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sm4375_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sm4375_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sm6250_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sm6250_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sm6250p_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sm6250p_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sm7250p_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sm7250p_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sm7325p_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sm7325p_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sw5100_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sw5100_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sw5100p_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sw5100p_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:sxr2150p_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sxr2150p_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:wcd9306_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wcd9306_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:wcd9326_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wcd9326_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:wcd9330_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wcd9330_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:wcd9335_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wcd9335_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:wcd9340_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wcd9340_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wcd9341_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:wcd9360_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wcd9360_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wcd9370_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:wcd9371_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wcd9371_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wcd9375_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wcd9380_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wcd9385_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:wcn3610_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wcn3610_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:wcn3615_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wcn3615_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:wcn3620_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wcn3620_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:wcn3660_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wcn3660_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:wcn3660b_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wcn3660b_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:wcn3680_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wcn3680_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:wcn3680b_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wcn3680b_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:wcn3910_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wcn3910_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wcn3950_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wcn3980_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wcn3988_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:wcn3990_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wcn3990_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:wcn3991_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wcn3991_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:wcn3998_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wcn3998_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:wcn3999_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wcn3999_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:wcn6740_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wcn6740_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:wcn6750_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wcn6750_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:wcn6850_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wcn6850_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:wcn6851_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wcn6851_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:wcn6855_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wcn6855_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:wcn6856_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wcn6856_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:wcn7850_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wcn7850_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:wcn7851_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wcn7851_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wsa8810_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wsa8815_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wsa8830_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wsa8835_firmware",
"vendor": "qualcomm",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-40510",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-11T20:14:19.816575Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-11T20:14:29.686Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:21:46.162Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Snapdragon Auto",
"Snapdragon Compute",
"Snapdragon Connectivity",
"Snapdragon Consumer IOT",
"Snapdragon Industrial IOT",
"Snapdragon IoT",
"Snapdragon Mobile",
"Snapdragon Voice \u0026 Music",
"Snapdragon Wearables",
"Snapdragon Wired Infrastructure and Networking"
],
"product": "Snapdragon",
"vendor": "Qualcomm, Inc.",
"versions": [
{
"status": "affected",
"version": "APQ8009"
},
{
"status": "affected",
"version": "APQ8009W"
},
{
"status": "affected",
"version": "APQ8017"
},
{
"status": "affected",
"version": "APQ8037"
},
{
"status": "affected",
"version": "APQ8064AU"
},
{
"status": "affected",
"version": "APQ8076"
},
{
"status": "affected",
"version": "APQ8096AU"
},
{
"status": "affected",
"version": "AQT1000"
},
{
"status": "affected",
"version": "AR8031"
},
{
"status": "affected",
"version": "AR8035"
},
{
"status": "affected",
"version": "CSRA6620"
},
{
"status": "affected",
"version": "CSRA6640"
},
{
"status": "affected",
"version": "CSRB31024"
},
{
"status": "affected",
"version": "MDM8207"
},
{
"status": "affected",
"version": "MDM9150"
},
{
"status": "affected",
"version": "MDM9206"
},
{
"status": "affected",
"version": "MDM9207"
},
{
"status": "affected",
"version": "MDM9250"
},
{
"status": "affected",
"version": "MDM9607"
},
{
"status": "affected",
"version": "MDM9628"
},
{
"status": "affected",
"version": "MDM9640"
},
{
"status": "affected",
"version": "MDM9650"
},
{
"status": "affected",
"version": "MSM8108"
},
{
"status": "affected",
"version": "MSM8208"
},
{
"status": "affected",
"version": "MSM8209"
},
{
"status": "affected",
"version": "MSM8608"
},
{
"status": "affected",
"version": "MSM8909W"
},
{
"status": "affected",
"version": "MSM8917"
},
{
"status": "affected",
"version": "MSM8920"
},
{
"status": "affected",
"version": "MSM8937"
},
{
"status": "affected",
"version": "MSM8940"
},
{
"status": "affected",
"version": "MSM8996AU"
},
{
"status": "affected",
"version": "PM8937"
},
{
"status": "affected",
"version": "QAM8295P"
},
{
"status": "affected",
"version": "QCA4020"
},
{
"status": "affected",
"version": "QCA6174A"
},
{
"status": "affected",
"version": "QCA6310"
},
{
"status": "affected",
"version": "QCA6320"
},
{
"status": "affected",
"version": "QCA6335"
},
{
"status": "affected",
"version": "QCA6390"
},
{
"status": "affected",
"version": "QCA6391"
},
{
"status": "affected",
"version": "QCA6420"
},
{
"status": "affected",
"version": "QCA6421"
},
{
"status": "affected",
"version": "QCA6426"
},
{
"status": "affected",
"version": "QCA6430"
},
{
"status": "affected",
"version": "QCA6431"
},
{
"status": "affected",
"version": "QCA6436"
},
{
"status": "affected",
"version": "QCA6564A"
},
{
"status": "affected",
"version": "QCA6564AU"
},
{
"status": "affected",
"version": "QCA6574"
},
{
"status": "affected",
"version": "QCA6574A"
},
{
"status": "affected",
"version": "QCA6574AU"
},
{
"status": "affected",
"version": "QCA6584AU"
},
{
"status": "affected",
"version": "QCA6595"
},
{
"status": "affected",
"version": "QCA6595AU"
},
{
"status": "affected",
"version": "QCA6696"
},
{
"status": "affected",
"version": "QCA8081"
},
{
"status": "affected",
"version": "QCA8337"
},
{
"status": "affected",
"version": "QCA9367"
},
{
"status": "affected",
"version": "QCA9377"
},
{
"status": "affected",
"version": "QCA9379"
},
{
"status": "affected",
"version": "QCA9984"
},
{
"status": "affected",
"version": "QCC5100"
},
{
"status": "affected",
"version": "QCM2290"
},
{
"status": "affected",
"version": "QCM4290"
},
{
"status": "affected",
"version": "QCM6125"
},
{
"status": "affected",
"version": "QCM6490"
},
{
"status": "affected",
"version": "QCN6024"
},
{
"status": "affected",
"version": "QCN9011"
},
{
"status": "affected",
"version": "QCN9012"
},
{
"status": "affected",
"version": "QCN9024"
},
{
"status": "affected",
"version": "QCN9074"
},
{
"status": "affected",
"version": "QCS2290"
},
{
"status": "affected",
"version": "QCS405"
},
{
"status": "affected",
"version": "QCS410"
},
{
"status": "affected",
"version": "QCS4290"
},
{
"status": "affected",
"version": "QCS603"
},
{
"status": "affected",
"version": "QCS605"
},
{
"status": "affected",
"version": "QCS610"
},
{
"status": "affected",
"version": "QCS6125"
},
{
"status": "affected",
"version": "QCS6490"
},
{
"status": "affected",
"version": "QCX315"
},
{
"status": "affected",
"version": "QRB5165"
},
{
"status": "affected",
"version": "QRB5165M"
},
{
"status": "affected",
"version": "QRB5165N"
},
{
"status": "affected",
"version": "QSM8250"
},
{
"status": "affected",
"version": "Qualcomm215"
},
{
"status": "affected",
"version": "SA415M"
},
{
"status": "affected",
"version": "SA515M"
},
{
"status": "affected",
"version": "SA6145P"
},
{
"status": "affected",
"version": "SA6155"
},
{
"status": "affected",
"version": "SA6155P"
},
{
"status": "affected",
"version": "SA8150P"
},
{
"status": "affected",
"version": "SA8155"
},
{
"status": "affected",
"version": "SA8155P"
},
{
"status": "affected",
"version": "SA8195P"
},
{
"status": "affected",
"version": "SA8295P"
},
{
"status": "affected",
"version": "SC8180X+SDX55"
},
{
"status": "affected",
"version": "SD 455"
},
{
"status": "affected",
"version": "SD 636"
},
{
"status": "affected",
"version": "SD 675"
},
{
"status": "affected",
"version": "SD 8 Gen1 5G"
},
{
"status": "affected",
"version": "SD 8CX"
},
{
"status": "affected",
"version": "SD 8cx Gen2"
},
{
"status": "affected",
"version": "SD 8cx Gen3"
},
{
"status": "affected",
"version": "SD205"
},
{
"status": "affected",
"version": "SD210"
},
{
"status": "affected",
"version": "SD429"
},
{
"status": "affected",
"version": "SD439"
},
{
"status": "affected",
"version": "SD450"
},
{
"status": "affected",
"version": "SD460"
},
{
"status": "affected",
"version": "SD480"
},
{
"status": "affected",
"version": "SD625"
},
{
"status": "affected",
"version": "SD626"
},
{
"status": "affected",
"version": "SD632"
},
{
"status": "affected",
"version": "SD660"
},
{
"status": "affected",
"version": "SD662"
},
{
"status": "affected",
"version": "SD665"
},
{
"status": "affected",
"version": "SD670"
},
{
"status": "affected",
"version": "SD675"
},
{
"status": "affected",
"version": "SD678"
},
{
"status": "affected",
"version": "SD680"
},
{
"status": "affected",
"version": "SD690 5G"
},
{
"status": "affected",
"version": "SD695"
},
{
"status": "affected",
"version": "SD710"
},
{
"status": "affected",
"version": "SD712"
},
{
"status": "affected",
"version": "SD720G"
},
{
"status": "affected",
"version": "SD730"
},
{
"status": "affected",
"version": "SD750G"
},
{
"status": "affected",
"version": "SD765"
},
{
"status": "affected",
"version": "SD765G"
},
{
"status": "affected",
"version": "SD768G"
},
{
"status": "affected",
"version": "SD778G"
},
{
"status": "affected",
"version": "SD780G"
},
{
"status": "affected",
"version": "SD7c"
},
{
"status": "affected",
"version": "SD820"
},
{
"status": "affected",
"version": "SD835"
},
{
"status": "affected",
"version": "SD845"
},
{
"status": "affected",
"version": "SD850"
},
{
"status": "affected",
"version": "SD855"
},
{
"status": "affected",
"version": "SD865 5G"
},
{
"status": "affected",
"version": "SD870"
},
{
"status": "affected",
"version": "SD888 5G"
},
{
"status": "affected",
"version": "SDA429W"
},
{
"status": "affected",
"version": "SDM429W"
},
{
"status": "affected",
"version": "SDM630"
},
{
"status": "affected",
"version": "SDW2500"
},
{
"status": "affected",
"version": "SDX12"
},
{
"status": "affected",
"version": "SDX20"
},
{
"status": "affected",
"version": "SDX24"
},
{
"status": "affected",
"version": "SDX50M"
},
{
"status": "affected",
"version": "SDX55"
},
{
"status": "affected",
"version": "SDX55M"
},
{
"status": "affected",
"version": "SDX65"
},
{
"status": "affected",
"version": "SDXR1"
},
{
"status": "affected",
"version": "SDXR2 5G"
},
{
"status": "affected",
"version": "SM4125"
},
{
"status": "affected",
"version": "SM4375"
},
{
"status": "affected",
"version": "SM6250"
},
{
"status": "affected",
"version": "SM6250P"
},
{
"status": "affected",
"version": "SM7250P"
},
{
"status": "affected",
"version": "SM7325P"
},
{
"status": "affected",
"version": "SW5100"
},
{
"status": "affected",
"version": "SW5100P"
},
{
"status": "affected",
"version": "SXR2150P"
},
{
"status": "affected",
"version": "WCD9306"
},
{
"status": "affected",
"version": "WCD9326"
},
{
"status": "affected",
"version": "WCD9330"
},
{
"status": "affected",
"version": "WCD9335"
},
{
"status": "affected",
"version": "WCD9340"
},
{
"status": "affected",
"version": "WCD9341"
},
{
"status": "affected",
"version": "WCD9360"
},
{
"status": "affected",
"version": "WCD9370"
},
{
"status": "affected",
"version": "WCD9371"
},
{
"status": "affected",
"version": "WCD9375"
},
{
"status": "affected",
"version": "WCD9380"
},
{
"status": "affected",
"version": "WCD9385"
},
{
"status": "affected",
"version": "WCN3610"
},
{
"status": "affected",
"version": "WCN3615"
},
{
"status": "affected",
"version": "WCN3620"
},
{
"status": "affected",
"version": "WCN3660"
},
{
"status": "affected",
"version": "WCN3660B"
},
{
"status": "affected",
"version": "WCN3680"
},
{
"status": "affected",
"version": "WCN3680B"
},
{
"status": "affected",
"version": "WCN3910"
},
{
"status": "affected",
"version": "WCN3950"
},
{
"status": "affected",
"version": "WCN3980"
},
{
"status": "affected",
"version": "WCN3988"
},
{
"status": "affected",
"version": "WCN3990"
},
{
"status": "affected",
"version": "WCN3991"
},
{
"status": "affected",
"version": "WCN3998"
},
{
"status": "affected",
"version": "WCN3999"
},
{
"status": "affected",
"version": "WCN6740"
},
{
"status": "affected",
"version": "WCN6750"
},
{
"status": "affected",
"version": "WCN6850"
},
{
"status": "affected",
"version": "WCN6851"
},
{
"status": "affected",
"version": "WCN6855"
},
{
"status": "affected",
"version": "WCN6856"
},
{
"status": "affected",
"version": "WCN7850"
},
{
"status": "affected",
"version": "WCN7851"
},
{
"status": "affected",
"version": "WSA8810"
},
{
"status": "affected",
"version": "WSA8815"
},
{
"status": "affected",
"version": "WSA8830"
},
{
"status": "affected",
"version": "WSA8835"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Memory corruption due to buffer copy without checking size of input in Audio while voice call with EVS vocoder."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-457",
"description": "CWE-457 Use of Uninitialized Variable",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-12T16:23:19.699Z",
"orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"shortName": "qualcomm"
},
"references": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin"
}
],
"title": "Buffer copy without checking size of input in Audio."
}
},
"cveMetadata": {
"assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"assignerShortName": "qualcomm",
"cveId": "CVE-2022-40510",
"datePublished": "2023-08-08T09:14:48.400Z",
"dateReserved": "2022-09-12T09:37:28.414Z",
"dateUpdated": "2024-08-03T12:21:46.162Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-30719 (GCVE-0-2023-30719)
Vulnerability from cvelistv5 – Published: 2023-09-06 03:12 – Updated: 2024-09-26 15:25
VLAI?
EPSS
Summary
Exposure of Sensitive Information vulnerability in InboundSmsHandler prior to SMR Sep-2023 Release 1 allows local attackers to access certain message data.
Severity ?
4 (Medium)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Mobile Devices |
Unaffected:
SMR Sep-2023 Release in Android 11, 12, 13
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:37:14.617Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2023\u0026month=09"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-30719",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-26T14:59:00.460258Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T15:25:55.803Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Mobile Devices",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "SMR Sep-2023 Release in Android 11, 12, 13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Exposure of Sensitive Information vulnerability in InboundSmsHandler prior to SMR Sep-2023 Release 1 allows local attackers to access certain message data."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-06T03:12:06.098Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "Samsung Mobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2023\u0026month=09"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "Samsung Mobile",
"cveId": "CVE-2023-30719",
"datePublished": "2023-09-06T03:12:06.098Z",
"dateReserved": "2023-04-14T01:59:51.137Z",
"dateUpdated": "2024-09-26T15:25:55.803Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-35684 (GCVE-0-2023-35684)
Vulnerability from cvelistv5 – Published: 2023-09-11 20:09 – Updated: 2024-09-26 15:47
VLAI?
EPSS
Summary
In avdt_msg_asmbl of avdt_msg.cc, there is a possible out of bounds write due to an integer overflow. This could lead to paired device escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity ?
No CVSS data available.
CWE
- Elevation of privilege
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:30:44.483Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/668bbca29797728004d88db4c9b69102f3939008"
},
{
"tags": [
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2023-09-01"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-35684",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-26T15:47:19.045836Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T15:47:27.807Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Android",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "13"
},
{
"status": "affected",
"version": "12L"
},
{
"status": "affected",
"version": "12"
},
{
"status": "affected",
"version": "11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In avdt_msg_asmbl of avdt_msg.cc, there is a possible out of bounds write due to an integer overflow. This could lead to paired device escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-11T20:16:45.658Z",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"url": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/668bbca29797728004d88db4c9b69102f3939008"
},
{
"url": "https://source.android.com/security/bulletin/2023-09-01"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2023-35684",
"datePublished": "2023-09-11T20:09:55.266Z",
"dateReserved": "2023-06-15T02:50:31.873Z",
"dateUpdated": "2024-09-26T15:47:27.807Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-40353 (GCVE-0-2023-40353)
Vulnerability from cvelistv5 – Published: 2023-09-08 00:00 – Updated: 2024-09-26 17:52
VLAI?
EPSS
Summary
An issue was discovered in Exynos Mobile Processor 980 and 2100. An integer overflow at a buffer index can prevent the execution of requested services via a crafted application.
Severity ?
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:31:53.590Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-40353",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-26T17:52:07.923037Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T17:52:15.819Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Exynos Mobile Processor 980 and 2100. An integer overflow at a buffer index can prevent the execution of requested services via a crafted application."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 2,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AC:L/AV:L/A:L/C:N/I:N/PR:H/S:U/UI:R",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-08T02:05:30.635208",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-40353",
"datePublished": "2023-09-08T00:00:00",
"dateReserved": "2023-08-14T00:00:00",
"dateUpdated": "2024-09-26T17:52:15.819Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-35673 (GCVE-0-2023-35673)
Vulnerability from cvelistv5 – Published: 2023-09-11 20:09 – Updated: 2024-09-26 14:33
VLAI?
EPSS
Summary
In build_read_multi_rsp of gatt_sr.cc, there is a possible out of bounds write due to an integer overflow. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity ?
No CVSS data available.
CWE
- Remote code execution
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:30:44.602Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/8770c07c102c7fdc74626dc717acc8f6dd1c92cc"
},
{
"tags": [
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2023-09-01"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:google:android:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "android",
"vendor": "google",
"versions": [
{
"status": "affected",
"version": "11"
},
{
"status": "affected",
"version": "12"
},
{
"status": "affected",
"version": "12l"
},
{
"status": "affected",
"version": "13"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-35673",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-26T14:17:07.882223Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T14:33:31.585Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Android",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "13"
},
{
"status": "affected",
"version": "12L"
},
{
"status": "affected",
"version": "12"
},
{
"status": "affected",
"version": "11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In build_read_multi_rsp of gatt_sr.cc, there is a possible out of bounds write due to an integer overflow. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote code execution",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-11T20:16:42.035Z",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"url": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/8770c07c102c7fdc74626dc717acc8f6dd1c92cc"
},
{
"url": "https://source.android.com/security/bulletin/2023-09-01"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2023-35673",
"datePublished": "2023-09-11T20:09:53.391Z",
"dateReserved": "2023-06-15T02:50:29.820Z",
"dateUpdated": "2024-09-26T14:33:31.585Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-35674 (GCVE-0-2023-35674)
Vulnerability from cvelistv5 – Published: 2023-09-11 20:09 – Updated: 2025-10-21 23:05
VLAI?
EPSS
Summary
In onCreate of WindowState.java, there is a possible way to launch a background activity due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity ?
8.8 (High)
CWE
- Elevation of privilege
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:30:44.419Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://android.googlesource.com/platform/frameworks/base/+/7428962d3b064ce1122809d87af65099d1129c9e"
},
{
"tags": [
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2023-09-01"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:google:android:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "android",
"vendor": "google",
"versions": [
{
"status": "affected",
"version": "11"
},
{
"status": "affected",
"version": "12"
},
{
"status": "affected",
"version": "12l"
},
{
"status": "affected",
"version": "13"
}
]
},
{
"cpes": [
"cpe:2.3:o:google:android:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "android",
"vendor": "google",
"versions": [
{
"status": "affected",
"version": "11"
},
{
"status": "affected",
"version": "12"
},
{
"status": "affected",
"version": "12l"
},
{
"status": "affected",
"version": "13"
}
]
},
{
"cpes": [
"cpe:2.3:o:google:android:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "android",
"vendor": "google",
"versions": [
{
"status": "affected",
"version": "11"
},
{
"status": "affected",
"version": "12"
},
{
"status": "affected",
"version": "12l"
},
{
"status": "affected",
"version": "13"
}
]
},
{
"cpes": [
"cpe:2.3:o:google:android:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "android",
"vendor": "google",
"versions": [
{
"status": "affected",
"version": "11"
},
{
"status": "affected",
"version": "12"
},
{
"status": "affected",
"version": "12l"
},
{
"status": "affected",
"version": "13"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-35674",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-04T16:16:36.251400Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2023-09-13",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-35674"
},
"type": "kev"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:05:38.736Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-35674"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-09-13T00:00:00+00:00",
"value": "CVE-2023-35674 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Android",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "13"
},
{
"status": "affected",
"version": "12L"
},
{
"status": "affected",
"version": "12"
},
{
"status": "affected",
"version": "11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In onCreate of WindowState.java, there is a possible way to launch a background activity due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-11T20:16:42.390Z",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"url": "https://android.googlesource.com/platform/frameworks/base/+/7428962d3b064ce1122809d87af65099d1129c9e"
},
{
"url": "https://source.android.com/security/bulletin/2023-09-01"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2023-35674",
"datePublished": "2023-09-11T20:09:53.580Z",
"dateReserved": "2023-06-15T02:50:29.820Z",
"dateUpdated": "2025-10-21T23:05:38.736Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-35687 (GCVE-0-2023-35687)
Vulnerability from cvelistv5 – Published: 2023-09-11 20:09 – Updated: 2024-09-26 15:49
VLAI?
EPSS
Summary
In MtpPropertyValue of MtpProperty.h, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity ?
No CVSS data available.
CWE
- Elevation of privilege
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:30:44.386Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://android.googlesource.com/platform/frameworks/av/+/ea6131efa76a0b2a12724ffd157909e2c6fb4036"
},
{
"tags": [
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2023-09-01"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-35687",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-26T15:49:05.405485Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T15:49:16.654Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Android",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "13"
},
{
"status": "affected",
"version": "12L"
},
{
"status": "affected",
"version": "12"
},
{
"status": "affected",
"version": "11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In MtpPropertyValue of MtpProperty.h, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-11T20:16:46.031Z",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"url": "https://android.googlesource.com/platform/frameworks/av/+/ea6131efa76a0b2a12724ffd157909e2c6fb4036"
},
{
"url": "https://source.android.com/security/bulletin/2023-09-01"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2023-35687",
"datePublished": "2023-09-11T20:09:55.452Z",
"dateReserved": "2023-06-15T02:50:33.961Z",
"dateUpdated": "2024-09-26T15:49:16.654Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-35658 (GCVE-0-2023-35658)
Vulnerability from cvelistv5 – Published: 2023-09-11 20:09 – Updated: 2024-09-26 14:51
VLAI?
EPSS
Summary
In gatt_process_prep_write_rsp of gatt_cl.cc, there is a possible privilege escalation due to a use after free. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity ?
No CVSS data available.
CWE
- Remote code execution
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:30:43.908Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/d03a3020de69143b1fe8129d75e55f14951dd192"
},
{
"tags": [
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2023-09-01"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:google:android:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "android",
"vendor": "google",
"versions": [
{
"status": "affected",
"version": "11"
},
{
"status": "affected",
"version": "12"
},
{
"status": "affected",
"version": "12l"
},
{
"status": "affected",
"version": "13"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-35658",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-26T14:50:27.908286Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T14:51:50.005Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Android",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "13"
},
{
"status": "affected",
"version": "12L"
},
{
"status": "affected",
"version": "12"
},
{
"status": "affected",
"version": "11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In gatt_process_prep_write_rsp of gatt_cl.cc, there is a possible privilege escalation due to a use after free. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote code execution",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-11T20:16:39.115Z",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"url": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/d03a3020de69143b1fe8129d75e55f14951dd192"
},
{
"url": "https://source.android.com/security/bulletin/2023-09-01"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2023-35658",
"datePublished": "2023-09-11T20:09:51.810Z",
"dateReserved": "2023-06-15T02:50:10.272Z",
"dateUpdated": "2024-09-26T14:51:50.005Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-35677 (GCVE-0-2023-35677)
Vulnerability from cvelistv5 – Published: 2023-09-11 20:09 – Updated: 2024-10-29 17:52
VLAI?
EPSS
Summary
In onCreate of DeviceAdminAdd.java, there is a possible way to forcibly add a device admin due to a missing permission check. This could lead to local denial of service (factory reset or continuous locking) with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity ?
No CVSS data available.
CWE
- Denial of service
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:30:44.175Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://android.googlesource.com/platform/packages/apps/Settings/+/846180c19f68f6fb1b0653356401d3235fef846e"
},
{
"tags": [
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2023-09-01"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-35677",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-26T15:44:29.953339Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-29T17:52:42.588Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Android",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "13"
},
{
"status": "affected",
"version": "12L"
},
{
"status": "affected",
"version": "12"
},
{
"status": "affected",
"version": "11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In onCreate of DeviceAdminAdd.java, there is a possible way to forcibly add a device admin due to a missing permission check. This could lead to local denial of service (factory reset or continuous locking) with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of service",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-11T20:16:43.440Z",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"url": "https://android.googlesource.com/platform/packages/apps/Settings/+/846180c19f68f6fb1b0653356401d3235fef846e"
},
{
"url": "https://source.android.com/security/bulletin/2023-09-01"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2023-35677",
"datePublished": "2023-09-11T20:09:54.167Z",
"dateReserved": "2023-06-15T02:50:31.872Z",
"dateUpdated": "2024-10-29T17:52:42.588Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-35683 (GCVE-0-2023-35683)
Vulnerability from cvelistv5 – Published: 2023-09-11 20:09 – Updated: 2024-09-26 15:47
VLAI?
EPSS
Summary
In bindSelection of DatabaseUtils.java, there is a possible way to access files from other applications due to SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity ?
No CVSS data available.
CWE
- Information disclosure
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:30:44.641Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/23d156ed1bed6d2c2b325f0be540d0afca510c49"
},
{
"tags": [
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2023-09-01"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-35683",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-26T15:46:44.085863Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T15:47:01.584Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Android",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "13"
},
{
"status": "affected",
"version": "12L"
},
{
"status": "affected",
"version": "12"
},
{
"status": "affected",
"version": "11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In bindSelection of DatabaseUtils.java, there is a possible way to access files from other applications due to SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information disclosure",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-11T20:16:45.309Z",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"url": "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/23d156ed1bed6d2c2b325f0be540d0afca510c49"
},
{
"url": "https://source.android.com/security/bulletin/2023-09-01"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2023-35683",
"datePublished": "2023-09-11T20:09:55.077Z",
"dateReserved": "2023-06-15T02:50:31.873Z",
"dateUpdated": "2024-09-26T15:47:01.584Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-35667 (GCVE-0-2023-35667)
Vulnerability from cvelistv5 – Published: 2023-09-11 20:09 – Updated: 2024-09-26 14:47
VLAI?
EPSS
Summary
In updateList of NotificationAccessSettings.java, there is a possible way to hide approved notification listeners in the settings due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity ?
No CVSS data available.
CWE
- Elevation of privilege
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:30:43.949Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://android.googlesource.com/platform/packages/apps/Settings/+/d8355ac47e068ad20c6a7b1602e72f0585ec0085"
},
{
"tags": [
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2023-09-01"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:google:android:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "android",
"vendor": "google",
"versions": [
{
"status": "affected",
"version": "11"
},
{
"status": "affected",
"version": "12"
},
{
"status": "affected",
"version": "12l"
},
{
"status": "affected",
"version": "13"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-35667",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-26T14:37:12.151553Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T14:47:51.656Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Android",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "13"
},
{
"status": "affected",
"version": "12L"
},
{
"status": "affected",
"version": "12"
},
{
"status": "affected",
"version": "11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In updateList of NotificationAccessSettings.java, there is a possible way to hide approved notification listeners in the settings due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-11T20:16:40.586Z",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"url": "https://android.googlesource.com/platform/packages/apps/Settings/+/d8355ac47e068ad20c6a7b1602e72f0585ec0085"
},
{
"url": "https://source.android.com/security/bulletin/2023-09-01"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2023-35667",
"datePublished": "2023-09-11T20:09:52.613Z",
"dateReserved": "2023-06-15T02:50:29.819Z",
"dateUpdated": "2024-09-26T14:47:51.656Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-30716 (GCVE-0-2023-30716)
Vulnerability from cvelistv5 – Published: 2023-09-06 03:12 – Updated: 2024-09-26 15:26
VLAI?
EPSS
Summary
Improper access control vulnerability in SVCAgent prior to SMR Sep-2023 Release 1 allows attackers to trigger certain commands.
Severity ?
4 (Medium)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Mobile Devices |
Unaffected:
SMR Sep-2023 Release in Android 11, 12, 13
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:37:14.563Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2023\u0026month=09"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-30716",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-26T15:02:53.462289Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T15:26:37.312Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Mobile Devices",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "SMR Sep-2023 Release in Android 11, 12, 13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper access control vulnerability in SVCAgent prior to SMR Sep-2023 Release 1 allows attackers to trigger certain commands."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-269 Improper Privilege Management",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-06T03:12:02.855Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "Samsung Mobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2023\u0026month=09"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "Samsung Mobile",
"cveId": "CVE-2023-30716",
"datePublished": "2023-09-06T03:12:02.855Z",
"dateReserved": "2023-04-14T01:59:51.136Z",
"dateUpdated": "2024-09-26T15:26:37.312Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-35676 (GCVE-0-2023-35676)
Vulnerability from cvelistv5 – Published: 2023-09-11 20:09 – Updated: 2024-09-26 14:28
VLAI?
EPSS
Summary
In createQuickShareAction of SaveImageInBackgroundTask.java, there is a possible way to trigger a background activity launch due to an unsafe PendingIntent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity ?
No CVSS data available.
CWE
- Elevation of privilege
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:30:44.629Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://android.googlesource.com/platform/frameworks/base/+/109e58b62dc9fedcee93983678ef9d4931e72afa"
},
{
"tags": [
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2023-09-01"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:google:android:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "android",
"vendor": "google",
"versions": [
{
"status": "affected",
"version": "12"
},
{
"status": "affected",
"version": "12l"
},
{
"status": "affected",
"version": "13"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-35676",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-26T14:12:12.416325Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T14:28:34.798Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Android",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "13"
},
{
"status": "affected",
"version": "12L"
},
{
"status": "affected",
"version": "12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In createQuickShareAction of SaveImageInBackgroundTask.java, there is a possible way to trigger a background activity launch due to an unsafe PendingIntent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-11T20:16:43.088Z",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"url": "https://android.googlesource.com/platform/frameworks/base/+/109e58b62dc9fedcee93983678ef9d4931e72afa"
},
{
"url": "https://source.android.com/security/bulletin/2023-09-01"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2023-35676",
"datePublished": "2023-09-11T20:09:53.971Z",
"dateReserved": "2023-06-15T02:50:31.872Z",
"dateUpdated": "2024-09-26T14:28:34.798Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-35681 (GCVE-0-2023-35681)
Vulnerability from cvelistv5 – Published: 2023-09-11 20:09 – Updated: 2024-09-26 15:46
VLAI?
EPSS
Summary
In eatt_l2cap_reconfig_completed of eatt_impl.h, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity ?
No CVSS data available.
CWE
- Remote code execution
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:30:43.905Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/d8d95291f16a8f18f8ffbd6322c14686897c5730"
},
{
"tags": [
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2023-09-01"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-35681",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-26T15:46:14.631547Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T15:46:22.621Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Android",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In eatt_l2cap_reconfig_completed of eatt_impl.h, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote code execution",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-11T20:16:44.515Z",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"url": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/d8d95291f16a8f18f8ffbd6322c14686897c5730"
},
{
"url": "https://source.android.com/security/bulletin/2023-09-01"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2023-35681",
"datePublished": "2023-09-11T20:09:54.702Z",
"dateReserved": "2023-06-15T02:50:31.873Z",
"dateUpdated": "2024-09-26T15:46:22.621Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-35682 (GCVE-0-2023-35682)
Vulnerability from cvelistv5 – Published: 2023-09-11 20:09 – Updated: 2025-05-05 15:17
VLAI?
EPSS
Summary
In hasPermissionForActivity of PackageManagerHelper.java, there is a possible way to start arbitrary components due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
Severity ?
7.8 (High)
CWE
- Elevation of privilege
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:30:44.577Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://android.googlesource.com/platform/packages/apps/Launcher3/+/09f8b0e52e45a0b39bab457534ba2e5ae91ffad0"
},
{
"tags": [
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2023-09-01"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-35682",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:27:00.703647Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "NVD-CWE-Other",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-05T15:17:59.539Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Android",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "13"
},
{
"status": "affected",
"version": "12L"
},
{
"status": "affected",
"version": "12"
},
{
"status": "affected",
"version": "11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In hasPermissionForActivity of PackageManagerHelper.java, there is a possible way to start arbitrary components due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-11T20:16:44.869Z",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"url": "https://android.googlesource.com/platform/packages/apps/Launcher3/+/09f8b0e52e45a0b39bab457534ba2e5ae91ffad0"
},
{
"url": "https://source.android.com/security/bulletin/2023-09-01"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2023-35682",
"datePublished": "2023-09-11T20:09:54.893Z",
"dateReserved": "2023-06-15T02:50:31.873Z",
"dateUpdated": "2025-05-05T15:17:59.539Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…