Description
Improper input validation vulnerability in Duo prior to SMR Oct-2023 Release 1 allows local attackers to launch privileged activities.
CVSS breakdown
CVSS 3.1
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
Low
Availability
Low
Affected products
- Samsung Mobile / Samsung Mobile DevicesSMR Oct-2023 Release in Android 11, 12, 13 – SMR Oct-2023 Release in Android 11, 12, 13