#VU83866 Improper Authentication in Find My Mobile - CVE-2023-42571
Published: December 5, 2023
Vulnerability identifier: #VU83866
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2023-42571
CWE-ID: CWE-287
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Find My Mobile
Software vendor:
Samsung
Description
The vulnerability allows an attacker to unlock the device.
The vulnerability exists due to an error in the remote device unlock feature. An attacker with physical access to the device can unlock it remotely by resetting the Samsung Account password with SMS verification.
Remediation
Install updates from the vendor's website.