Stack overflow vulnerability in SSHDCPAPP TA prior to "SAMSUNG ELECTONICS, CO, LTD. - System Hardware Update - 7/13/2023" in Windows Update for Galaxy book Go, Galaxy book Go 5G, Galaxy book2 Go and Galaxy book2 Pro 360 allows local attacker to execute arbitrary code.
References
Link | Resource |
---|---|
https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=08 | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
History
15 Aug 2023, 17:48
Type | Values Removed | Values Added |
---|---|---|
First Time |
Samsung galaxy Book2 Pro 360 Firmware
Samsung galaxy Book2 Go Samsung galaxy Book Go Samsung galaxy Book Go Firmware Samsung galaxy Book Go 5g Samsung galaxy Book Go 5g Firmware Samsung galaxy Book2 Pro 360 Samsung Samsung galaxy Book2 Go Firmware |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
CWE | CWE-787 | |
CPE | cpe:2.3:h:samsung:galaxy_book2_go:-:*:*:*:*:*:*:* cpe:2.3:o:samsung:galaxy_book_go_5g_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:samsung:galaxy_book2_go_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:samsung:galaxy_book2_pro_360:-:*:*:*:*:*:*:* cpe:2.3:h:samsung:galaxy_book_go_5g:-:*:*:*:*:*:*:* cpe:2.3:h:samsung:galaxy_book_go:-:*:*:*:*:*:*:* cpe:2.3:o:samsung:galaxy_book_go_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:samsung:galaxy_book2_pro_360_firmware:-:*:*:*:*:*:*:* |
|
References | (MISC) https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=08 - Vendor Advisory |
10 Aug 2023, 12:43
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-08-10 02:15
Updated : 2023-12-10 15:14
NVD link : CVE-2023-30702
Mitre link : CVE-2023-30702
CVE.ORG link : CVE-2023-30702
JSON object : View
Products Affected
samsung
- galaxy_book2_go_firmware
- galaxy_book2_go
- galaxy_book_go_5g
- galaxy_book2_pro_360_firmware
- galaxy_book2_pro_360
- galaxy_book_go
- galaxy_book_go_firmware
- galaxy_book_go_5g_firmware
CWE
CWE-787
Out-of-bounds Write