Vulnerability Database

296,172

Total vulnerabilities in the database

CVE-2023-21500

Double free validation vulnerability in setPinPadImages in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to access the trustlet memory.

  • Published: May 4, 2023
  • Updated: May 12, 2023
  • CVE: CVE-2023-21500
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 5.5
  • AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWEs:

Software From Fixed in
samsung / android 13.0-smr-apr-2023-r1 13.0-smr-apr-2023-r1.x
samsung / android 13.0-smr-dec-2022-r1 13.0-smr-dec-2022-r1.x
samsung / android 13.0-smr-feb-2023-r1 13.0-smr-feb-2023-r1.x
samsung / android 13.0 13.0.x
samsung / android 13.0-smr-mar-2023-r1 13.0-smr-mar-2023-r1.x
samsung / android 13.0-smr-nov-2022-r1 13.0-smr-nov-2022-r1.x
samsung / android 13.0-smr-oct-2022-r1 13.0-smr-oct-2022-r1.x
samsung / android 13.0-smr-jan-2023-r1 13.0-smr-jan-2023-r1.x