CVE-2023-21463

MEDIUM

Samsung MyFiles < 12.2.09.0 - Improper Access Control

Title source: llm

Description

Improper access control vulnerability in MyFiles application prior to versions 12.2.09.0 in Android 11, 13.1.03.501 in Android 12 and 14.1.03.0 in Android 13 allows local attacker to get sensitive information of secret mode in Samsung Internet application with specific conditions.

References (1)

Core 1

Core References

Vendor Advisory

https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=03

Scores

CVSS v3 4.0

EPSS 0.0006

EPSS Percentile 17.2%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Details

CWE

CWE-284

Status published

Products (1)

samsung/myfiles < 12.2.09.0

Published Mar 16, 2023

Tracked Since Feb 18, 2026