Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In February 2023
CVE-2023-21443
Improper cryptographic implementation in Samsung Flow for Android prior to version 4.9.04 allows adjacent attackers to decrypt encrypted messages or inject commands.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-02-09
CVE-2023-21444
Improper cryptographic implementation in Samsung Flow for PC 4.9.14.0 allows adjacent attackers to decrypt encrypted messages or inject commands.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-02-09
CVE-2023-21445
Improper access control vulnerability in MyFiles prior to versions 12.2.09 in Android R(11), 13.1.03.501 in Android S(12) and 14.1.00.422 in Android T(13) allows local attacker to write file with MyFiles privilege via implicit intent.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-02-09
CVE-2023-21446
Improper input validation in MyFiles prior to version 12.2.09 in Android R(11), 13.1.03.501 in Android S( 12) and 14.1.00.422 in Android T(13) allows local attacker to access data of MyFiles.
CVSS Score
6.2
EPSS Score
0.0
Published
2023-02-09
CVE-2023-21447
Improper access control vulnerabilities in Samsung Cloud prior to version 5.3.0.32 allows local attackers to access information with Samsung Cloud's privilege via implicit intent.
CVSS Score
4.0
EPSS Score
0.0
Published
2023-02-09
CVE-2023-21448
Path traversal vulnerability in Samsung Cloud prior to version 5.3.0.32 allows attacker to access specific png file.
CVSS Score
5.7
EPSS Score
0.001
Published
2023-02-09
CVE-2023-21423
Improper authorization vulnerability in ChnFileShareKit prior to SMR Jan-2023 Release 1 allows attacker to control BLE advertising without permission using unprotected action.
CVSS Score
5.1
EPSS Score
0.0
Published
2023-02-09
CVE-2023-21424
Improper Handling of Insufficient Permissions or Privileges vulnerability in SemChameleonHelper prior to SMR Jan-2023 Release 1 allows attacker to modify network related values, network code, carrier id and operator brand.
CVSS Score
5.1
EPSS Score
0.0
Published
2023-02-09
CVE-2023-21425
Improper access control vulnerability in telecom application prior to SMR JAN-2023 Release 1 allows local attackers to get sensitive information.
CVSS Score
4.3
EPSS Score
0.001
Published
2023-02-09
CVE-2023-21426
Hardcoded AES key to encrypt cardemulation PINs in NFC prior to SMR Jan-2023 Release 1 allows attackers to access cardemulation PIN.
CVSS Score
4.3
EPSS Score
0.001
Published
2023-02-09


Products
Pricing
Contact Us

Shodan ® - All rights reserved