CVE-2023-42571

medium

Description

Abuse of remote unlock in Find My Mobile prior to version 7.3.13.4 allows physical attacker to unlock the device remotely by resetting the Samsung Account password with SMS verification when user lost the device.

References

https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=12

Details

Source: Mitre, NVD

Published: 2023-12-05

Updated: 2023-12-11

Risk Information

CVSS v2

Base Score: 7.2

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 6.8

Vector: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Medium

EPSS

EPSS: 0.00115

Detections

Analytics