CVE-2023-30705

MEDIUM

Samsung Galaxy Store < 4.5.56.6 - Incorrect Authorization via Intent Sanitization Issue

Title source: llm

Description

Improper sanitization of incoming intent in Galaxy Store prior to version 4.5.56.6?allows local attackers to access privileged content providers as Galaxy Store permission.

References (1)

Core 1

Core References

Vendor Advisory

https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=08

Scores

CVSS v3 6.8

EPSS 0.0005

EPSS Percentile 16.7%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-863

Status published

Products (1)

samsung/galaxy_store < 4.5.56.6

Published Aug 10, 2023

Tracked Since Feb 18, 2026