What is CVE-2023-21462?

CVE-2023-21462 is a medium-severity vulnerability in Samsung Mobile Quick Share Agent, classified under Insertion of Sensitive Information Into Debugging Code. CVSS score: 4.2/10. Published 2023-03-16.

How severe is CVE-2023-21462?

Medium severity. CVSS v3 base score is 4.2 out of 10.

Vulnerability in Samsung Mobile Quick Share Agent

CVE-2023-21462

The sensitive information exposure vulnerability in Quick Share Agent prior to versions 3.5.14.18 in Android 12 and 3.5.16.20 in Android 13 allows to local attacker to access MAC address without related permission.

EPSS: 0.001 (15.9th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 4.2 (Medium). Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N.

Affected products

Samsung Mobile Quick Share Agent — versions unspecified

Weakness classification (CWE)

CWE-215 — Insertion of Sensitive Information Into Debugging Code

References

security.samsungmobile.com/serviceWeb.smsb

Frequently asked questions

What is CVE-2023-21462?: CVE-2023-21462 is a medium-severity vulnerability in Samsung Mobile Quick Share Agent, classified under Insertion of Sensitive Information Into Debugging Code. CVSS score: 4.2/10. Published 2023-03-16.
How severe is CVE-2023-21462?: Medium severity. CVSS v3 base score is 4.2 out of 10.