CVE-2023-42553

MEDIUM4.0Auth bypass

JSON export Create alert

Description

Improper authorization verification vulnerability in Samsung Email prior to version 6.1.90.4 allows attackers to read sandbox data of email.

CVSS breakdown

CVSS 3.1

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

None

Availability

None

Affected products

Samsung Mobile / Samsung Email6.1.90.4 – 6.1.90.4

References

MISChttps://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=11