Abuse of remote unlock in Find My Mobile prior to version 7.3.13.4 allows physical attacker to unlock the device remotely by resetting the Samsung Account password with SMS verification when user lost the device.
References
Link | Resource |
---|---|
https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=12 | Vendor Advisory |
Configurations
History
11 Dec 2023, 14:50
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.8 |
CPE | cpe:2.3:a:samsung:find_my_mobile:*:*:*:*:*:*:*:* | |
References | () https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=12 - Vendor Advisory | |
First Time |
Samsung
Samsung find My Mobile |
|
CWE | NVD-CWE-noinfo |
05 Dec 2023, 03:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-12-05 03:15
Updated : 2024-02-28 20:54
NVD link : CVE-2023-42571
Mitre link : CVE-2023-42571
CVE.ORG link : CVE-2023-42571
JSON object : View
Products Affected
samsung
- find_my_mobile
CWE