CVE-2023-30730

Implicit intent hijacking vulnerability in Camera prior to versions 11.0.16.43 in Android 11, 12.1.00.30, 12.0.07.53, 12.1.03.10 in Android 12, and 13.0.01.43, 13.1.00.83 in Android 13 allows local attacker to access specific file.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
3.3 LOW
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
Samsung MobileCNA
3.3 LOW
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
CVEADP
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 27%
VendorProductVersion
samsungcamera
11.0.00.00 ≤
𝑥
< 11.0.16.43
samsungcamera
12.0.00.00 ≤
𝑥
< 12.0.07.53
samsungcamera
12.1.00.00 ≤
𝑥
< 12.1.00.30
samsungcamera
12.1.03.00 ≤
𝑥
< 12.1.03.10
samsungcamera
𝑥
< 13.0.01.43
samsungcamera
13.1.00.00 ≤
𝑥
< 13.1.00.83
𝑥
= Vulnerable software versions
References
https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=09
https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=09