PT-2023-18232 · Google+1 · Android 13+4
Published
2023-03-16
·
Updated
2023-03-23
·
CVE-2023-21463
CVSS v3.1
4.0
Medium
| Vector | AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
MyFiles application versions prior to 12.2.09.0 in Android 11
MyFiles application versions prior to 13.1.03.501 in Android 12
MyFiles application versions prior to 14.1.03.0 in Android 13
Description
The issue is related to improper access control in the MyFiles application, allowing a local attacker to obtain sensitive information from the secret mode in the Samsung Internet application under specific conditions.
Recommendations
For MyFiles application versions prior to 12.2.09.0 in Android 11, update to version 12.2.09.0 or later.
For MyFiles application versions prior to 13.1.03.501 in Android 12, update to version 13.1.03.501 or later.
For MyFiles application versions prior to 14.1.03.0 in Android 13, update to version 14.1.03.0 or later.
Fix
Improper Access Control
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Android 11
Android 12
Android 13
Myfiles
Samsung Internet