CVE-2023-30704

LOW3.8

JSON export Create alert

Description

Improper Authorization vulnerability in Samsung Internet prior to version 22.0.0.35 allows physical attacker access downloaded files in Secret Mode without user authentication.

CVSS breakdown

CVSS 3.1

Attack Vector

Physical

Attack Complexity

High

Privileges Required

High

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

None

Affected products

Samsung Mobile / Samsung Internet22.0.0.35 – 22.0.0.35

References

MISChttps://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=08