Skip to main content

Camera CVE-2023-30730

MEDIUM
2023-09-06 mobile.security@samsung.com
5.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

1
CVE Published
Sep 06, 2023 - 04:15 nvd
MEDIUM 5.5

DescriptionNVD

Implicit intent hijacking vulnerability in Camera prior to versions 11.0.16.43 in Android 11, 12.1.00.30, 12.0.07.53, 12.1.03.10 in Android 12, and 13.0.01.43, 13.1.00.83 in Android 13 allows local attacker to access specific file.

AnalysisAI

Implicit intent hijacking vulnerability in Camera prior to versions 11.0.16.43 in Android 11, 12.1.00.30, 12.0.07.53, 12.1.03.10 in Android 12, and 13.0.01.43, 13.1.00.83 in Android 13 allows local. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Technical ContextAI

Implicit intent hijacking vulnerability in Camera prior to versions 11.0.16.43 in Android 11, 12.1.00.30, 12.0.07.53, 12.1.03.10 in Android 12, and 13.0.01.43, 13.1.00.83 in Android 13 allows local attacker to access specific file. Affected products include: Samsung Camera.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

More in Camera

View all
CVE-2019-10256 CRITICAL
9.8 Sep 10

An authentication bypass vulnerability in VIVOTEK IPCam versions prior to 0x13a was found. Rated critical severity (CVSS

CVE-2019-14457 CRITICAL
9.8 Sep 10

VIVOTEK IP Camera devices with firmware before 0x20x have a stack-based buffer overflow via a crafted HTTP header. Rated

CVE-2018-14771 HIGH
8.8 Sep 05

VIVOTEK FD8177 devices before XXXXXX-VVTK-xx06a allow remote attackers to execute arbitrary code (issue 2 of 2) via even

CVE-2018-14770 HIGH
8.8 Sep 05

VIVOTEK FD8177 devices before XXXXXX-VVTK-xx06a allow remote attackers to execute arbitrary code (issue 1 of 2) via the

CVE-2018-14769 HIGH
8.8 Sep 05

VIVOTEK FD8177 devices before XXXXXX-VVTK-xx06a allow CSRF. Rated high severity (CVSS 8.8), this vulnerability is remote

CVE-2018-14768 HIGH
8.8 Aug 29

Various VIVOTEK FD8*, FD9*, FE9*, IB8*, IB9*, IP9*, IZ9*, MS9*, SD9*, and other devices before XXXXXX-VVTK-xx06a allow r

CVE-2019-14458 HIGH
7.5 Sep 18

VIVOTEK IP Camera devices with firmware before 0x20x allow a denial of service via a crafted HTTP header. Rated high sev

CVE-2023-21482 MEDIUM
6.1 Sep 03

Missing authorization vulnerability in Camera prior to versions 11.1.02.18 in Android 11, 12.1.03.8 in Android 12 and 13

CVE-2022-33712 MEDIUM
5.3 Jul 12

Intent redirection vulnerability using implict intent in Camera prior to versions 12.0.01.64 ,12.0.3.23, 12.0.0.98, 12.0

CVE-2024-20854 LOW
3.3 Apr 02

Improper handling of insufficient privileges vulnerability in Samsung Camera prior to versions 12.1.0.31 in Android 12,

Share

CVE-2023-30730 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy