Health
CVE-2023-30723
CRITICAL
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
Improper input validation vulnerability in Samsung Health prior to version 6.24.2.011 allows attackers to write arbitrary file with Samsung Health privilege.
AnalysisAI
Improper input validation vulnerability in Samsung Health prior to version 6.24.2.011 allows attackers to write arbitrary file with Samsung Health privilege. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
Improper input validation vulnerability in Samsung Health prior to version 6.24.2.011 allows attackers to write arbitrary file with Samsung Health privilege. Affected products include: Samsung Health. Version information: version 6.24.2.011.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
Intent redirection vulnerability in Samsung Health prior to version 6.16 allows attacker to execute privileged action. R
Improper authorization in Samsung Health prior to version 6.30.1.003 allows local attackers to access data in Samsung He
PendingIntent hijacking vulnerability in ChallengeNotificationManager in Samsung Health prior to version 6.25 allows loc
Improper access control vulnerability in Samsung Health prior to version 6.24.3.007 allows attackers to access sensitive
Improper access control vulnerability in Samsung Health prior to version 6.24.3.007 allows attackers to access sensitive
Non-existent provider in Samsung Health prior to 6.19.1.0001 allows attacker to access it via malicious content provider
Improper check vulnerability in Samsung Health prior to version 6.17 allows attacker to read internal cache data via exp
Improper input validation in Samsung Health prior to version 6.27.0.113 allows local attackers to write arbitrary docume
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today