Stack overflow vulnerability in SSHDCPAPP TA prior to "SAMSUNG ELECTONICS, CO, LTD. - System Hardware Update - 7/13/2023" in Windows Update for Galaxy book Go, Galaxy book Go 5G, Galaxy book2 Go and Galaxy book2 Pro 360 allows local attacker to execute arbitrary code.
References
| Link | Resource |
|---|---|
| https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=08 | Vendor Advisory |
Configurations
Configuration 1 (hide)
| AND |
|
Configuration 2 (hide)
| AND |
|
Configuration 3 (hide)
| AND |
|
Configuration 4 (hide)
| AND |
|
History
15 Aug 2023, 17:48
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:h:samsung:galaxy_book2_go:-:*:*:*:*:*:*:* cpe:2.3:h:samsung:galaxy_book_go_5g:-:*:*:*:*:*:*:* cpe:2.3:h:samsung:galaxy_book_go:-:*:*:*:*:*:*:* cpe:2.3:h:samsung:galaxy_book2_pro_360:-:*:*:*:*:*:*:* cpe:2.3:o:samsung:galaxy_book2_pro_360_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:samsung:galaxy_book_go_5g_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:samsung:galaxy_book_go_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:samsung:galaxy_book2_go_firmware:-:*:*:*:*:*:*:* |
|
| CWE | CWE-787 | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
| References | (MISC) https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=08 - Vendor Advisory | |
| First Time |
Samsung galaxy Book Go Firmware
Samsung Samsung galaxy Book2 Pro 360 Samsung galaxy Book2 Pro 360 Firmware Samsung galaxy Book2 Go Samsung galaxy Book2 Go Firmware Samsung galaxy Book Go 5g Samsung galaxy Book Go 5g Firmware Samsung galaxy Book Go |
10 Aug 2023, 02:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-08-10 02:15
Updated : 2023-11-07 04:13
NVD link : CVE-2023-30702
Mitre link : CVE-2023-30702
JSON object : View
Products Affected
samsung
- galaxy_book2_pro_360_firmware
- galaxy_book2_go
- galaxy_book_go
- galaxy_book_go_5g_firmware
- galaxy_book_go_firmware
- galaxy_book_go_5g
- galaxy_book2_pro_360
- galaxy_book2_go_firmware
CWE
CWE-787
Out-of-bounds Write