An improper input validation in UEFI Firmware prior to Firmware update Oct-2023 Release in Galaxy Book, Galaxy Book Pro, Galaxy Book Pro 360 and Galaxy Book Odyssey allows local attacker to execute SMM memory corruption.
References
| Link | Resource |
|---|---|
| https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=10 | Vendor Advisory |
Configurations
Configuration 1 (hide)
| AND |
|
Configuration 2 (hide)
| AND |
|
Configuration 3 (hide)
| AND |
|
Configuration 4 (hide)
| AND |
|
History
05 Oct 2023, 18:33
| Type | Values Removed | Values Added |
|---|---|---|
| References | (MISC) https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=10 - Vendor Advisory | |
| CWE | NVD-CWE-noinfo | |
| First Time |
Samsung galaxy Book Pro 360
Samsung galaxy Book Pro 360 Firmware Samsung Samsung galaxy Book Pro Samsung galaxy Book Pro Firmware Samsung galaxy Book Odyssey Firmware Samsung galaxy Book Firmware Samsung galaxy Book Odyssey Samsung galaxy Book |
|
| CPE | cpe:2.3:h:samsung:galaxy_book_pro:-:*:*:*:*:*:*:* cpe:2.3:o:samsung:galaxy_book_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:samsung:galaxy_book_pro_360:-:*:*:*:*:*:*:* cpe:2.3:o:samsung:galaxy_book_odyssey_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:samsung:galaxy_book_odyssey:-:*:*:*:*:*:*:* cpe:2.3:h:samsung:galaxy_book:-:*:*:*:*:*:*:* cpe:2.3:o:samsung:galaxy_book_pro_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:samsung:galaxy_book_pro_360_firmware:*:*:*:*:*:*:*:* |
|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
04 Oct 2023, 04:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-10-04 04:15
Updated : 2024-02-28 20:33
NVD link : CVE-2023-30738
Mitre link : CVE-2023-30738
CVE.ORG link : CVE-2023-30738
JSON object : View
Products Affected
samsung
- galaxy_book_odyssey
- galaxy_book
- galaxy_book_pro
- galaxy_book_pro_360
- galaxy_book_pro_firmware
- galaxy_book_firmware
- galaxy_book_odyssey_firmware
- galaxy_book_pro_360_firmware
CWE