PT-2023-22941 · Samsung · Galaxy Book+3

Chan-Ho Kim

Published

2023-10-03

Updated

2023-10-05

CVE-2023-30738

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions UEFI Firmware versions prior to Oct-2023 Release in Galaxy Book, Galaxy Book Pro, Galaxy Book Pro 360, and Galaxy Book Odyssey

Description The issue is related to improper input validation in UEFI Firmware, allowing a local attacker to execute SMM memory corruption.

Recommendations For UEFI Firmware versions prior to Oct-2023 Release, update to the Oct-2023 Release or later to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2023-30738

Affected Products

Galaxy Book

Galaxy Book Odyssey

Galaxy Book Pro

Galaxy Book Pro 360

PT-2023-22941 · Samsung · Galaxy Book+3

CVE-2023-30738

Related Identifiers

Affected Products

References · 6