CVE-2023-21482

Published: Sep 3, 2025Modified: Oct 1, 2025

4.6

Vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Exploitability: 0.9 / Impact: 3.6

Source: NVD

Description

Missing authorization vulnerability in Camera prior to versions 11.1.02.18 in Android 11, 12.1.03.8 in Android 12 and 13.1.01.4 in Android 13 allows physical attackers to install package through Galaxy store before completion of Setup wizard.

Affected (3)

Products: Samsung: Camera

Samsung

1 product

Camera

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Samsung Camera	Before 11.1.02.18

Running on/with	Platform Versions
Google Android	Version 11.0

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Samsung Camera	Before 12.1.03.8

Running on/with	Platform Versions
Google Android	Version 12.0

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Samsung Camera	Before 13.1.04.4

Running on/with	Platform Versions
Google Android	Version 13.0

References (1)

https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=04

Source: mobile.security@samsung.com

Vendor Advisory

Timeline

No history available yet.