CVE-2023-21482 | THREATINT

Description

Missing authorization vulnerability in Camera prior to versions 11.1.02.18 in Android 11, 12.1.03.8 in Android 12 and 13.1.01.4 in Android 13 allows physical attackers to install package through Galaxy store before completion of Setup wizard.

PUBLISHED Reserved 2022-11-14 | Published 2025-09-03 | Updated 2025-09-03 | Assigner SamsungMobile

MEDIUM: 6.1CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Problem types

CWE-862 Missing Authorization

Product status

Default status

affected

11.1.02.18 in Android 11, 12.1.03.8 in Android 12 and 13.1.01.4 in Android 13

unaffected

References

security.samsungmobile.com/...iceWeb.smsb?year=2023&month=04

cve.org (CVE-2023-21482)

nvd.nist.gov (CVE-2023-21482)

Download JSON