Stack overflow vulnerability in SSHDCPAPP TA prior to "SAMSUNG ELECTONICS, CO, LTD. - System Hardware Update - 7/13/2023" in Windows Update for Galaxy book Go, Galaxy book Go 5G, Galaxy book2 Go and Galaxy book2 Pro 360 allows local attacker to execute arbitrary code.
References
Link | Resource |
---|---|
https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=08 | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
History
15 Aug 2023, 17:48
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
First Time |
Samsung galaxy Book Go 5g
Samsung galaxy Book Go Firmware Samsung galaxy Book2 Pro 360 Samsung galaxy Book Go 5g Firmware Samsung Samsung galaxy Book2 Go Samsung galaxy Book Go Samsung galaxy Book2 Go Firmware Samsung galaxy Book2 Pro 360 Firmware |
|
CWE | CWE-787 | |
References | (MISC) https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=08 - Vendor Advisory | |
CPE | cpe:2.3:h:samsung:galaxy_book_go_5g:-:*:*:*:*:*:*:* cpe:2.3:o:samsung:galaxy_book2_go_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:samsung:galaxy_book_go_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:samsung:galaxy_book2_go:-:*:*:*:*:*:*:* cpe:2.3:h:samsung:galaxy_book2_pro_360:-:*:*:*:*:*:*:* cpe:2.3:o:samsung:galaxy_book_go_5g_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:samsung:galaxy_book_go:-:*:*:*:*:*:*:* cpe:2.3:o:samsung:galaxy_book2_pro_360_firmware:-:*:*:*:*:*:*:* |
10 Aug 2023, 02:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-08-10 02:15
Updated : 2024-02-28 20:33
NVD link : CVE-2023-30702
Mitre link : CVE-2023-30702
CVE.ORG link : CVE-2023-30702
JSON object : View
Products Affected
samsung
- galaxy_book2_go_firmware
- galaxy_book_go_5g
- galaxy_book2_pro_360
- galaxy_book_go_firmware
- galaxy_book2_go
- galaxy_book_go
- galaxy_book2_pro_360_firmware
- galaxy_book_go_5g_firmware
CWE
CWE-787
Out-of-bounds Write