CVE-2023-42571 — HIGH (7.6)

Q: How severe is CVE-2023-42571?

CVE-2023-42571 has been rated HIGH with a CVSS base score of 7.6/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2023-42571?

Check the references section above for vendor advisories and patch information. Affected products include: Samsung Find My Mobile.

Vulnerability Description

Abuse of remote unlock in Find My Mobile prior to version 7.3.13.4 allows physical attacker to unlock the device remotely by resetting the Samsung Account password with SMS verification when user lost the device.

CVSS Score

7.6

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Samsung	Find My Mobile	< 7.3.13.4

References

https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=12Vendor Advisory
https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=12Vendor Advisory

FAQ

What is CVE-2023-42571?

CVE-2023-42571 is a vulnerability with a CVSS score of 7.6 (HIGH). Abuse of remote unlock in Find My Mobile prior to version 7.3.13.4 allows physical attacker to unlock the device remotely by resetting the Samsung Account password with SMS verification when user lost...

How severe is CVE-2023-42571?

CVE-2023-42571 has been rated HIGH with a CVSS base score of 7.6/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2023-42571?

Check the references section above for vendor advisories and patch information. Affected products include: Samsung Find My Mobile.