PT-2023-22836 · Samsung · Galaxy Themes Service
Published
2023-07-06
·
Updated
2023-07-12
·
CVE-2023-30642
CVSS v3.1
6.2
Medium
| Vector | AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
Galaxy Themes Service versions prior to SMR Jul-2023 Release 1
Description
The issue is related to improper privilege management, allowing local attackers to call privilege functions. This could potentially lead to unauthorized access or actions within the system.
Recommendations
For Galaxy Themes Service versions prior to SMR Jul-2023 Release 1, update to the SMR Jul-2023 Release 1 or later to resolve the issue. As a temporary workaround, consider restricting local access to the Galaxy Themes Service to minimize the risk of exploitation.
Fix
Improper Privilege Management
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Galaxy Themes Service