CVE Vulnerabilities

CVE-2023-21466

Improper Authentication

Published: Sep 03, 2025 | Modified: Sep 08, 2025
CVSS 3.x
3.3
LOW
Source:
NVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

PendingIntent hijacking vulnerability in CertificatePolicy in framework prior to SMR Apr-2023 Release 1 allows local attackers to access contentProvider without proper permission.

Weakness

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

Affected Software

Name Vendor Start Version End Version
Android Samsung 11.0 (including) 11.0 (including)
Android Samsung 11.0-smr-apr-2021-r1 (including) 11.0-smr-apr-2021-r1 (including)
Android Samsung 11.0-smr-apr-2022-r1 (including) 11.0-smr-apr-2022-r1 (including)
Android Samsung 11.0-smr-aug-2021-r1 (including) 11.0-smr-aug-2021-r1 (including)
Android Samsung 11.0-smr-aug-2022-r1 (including) 11.0-smr-aug-2022-r1 (including)
Android Samsung 11.0-smr-dec-2020-r1 (including) 11.0-smr-dec-2020-r1 (including)
Android Samsung 11.0-smr-dec-2021-r1 (including) 11.0-smr-dec-2021-r1 (including)
Android Samsung 11.0-smr-dec-2022-r1 (including) 11.0-smr-dec-2022-r1 (including)
Android Samsung 11.0-smr-feb-2021-r1 (including) 11.0-smr-feb-2021-r1 (including)
Android Samsung 11.0-smr-feb-2022-r1 (including) 11.0-smr-feb-2022-r1 (including)
Android Samsung 11.0-smr-feb-2023-r1 (including) 11.0-smr-feb-2023-r1 (including)
Android Samsung 11.0-smr-jan-2021-r1 (including) 11.0-smr-jan-2021-r1 (including)
Android Samsung 11.0-smr-jan-2022-r1 (including) 11.0-smr-jan-2022-r1 (including)
Android Samsung 11.0-smr-jan-2023-r1 (including) 11.0-smr-jan-2023-r1 (including)
Android Samsung 11.0-smr-jul-2021-r1 (including) 11.0-smr-jul-2021-r1 (including)
Android Samsung 11.0-smr-jul-2022-r1 (including) 11.0-smr-jul-2022-r1 (including)
Android Samsung 11.0-smr-jun-2021-r1 (including) 11.0-smr-jun-2021-r1 (including)
Android Samsung 11.0-smr-jun-2022-r1 (including) 11.0-smr-jun-2022-r1 (including)
Android Samsung 11.0-smr-mar-2021-r1 (including) 11.0-smr-mar-2021-r1 (including)
Android Samsung 11.0-smr-mar-2022-r1 (including) 11.0-smr-mar-2022-r1 (including)
Android Samsung 11.0-smr-mar-2023-r1 (including) 11.0-smr-mar-2023-r1 (including)
Android Samsung 11.0-smr-may-2021-r1 (including) 11.0-smr-may-2021-r1 (including)
Android Samsung 11.0-smr-may-2022-r1 (including) 11.0-smr-may-2022-r1 (including)
Android Samsung 11.0-smr-nov-2021-r1 (including) 11.0-smr-nov-2021-r1 (including)
Android Samsung 11.0-smr-nov-2022-r1 (including) 11.0-smr-nov-2022-r1 (including)
Android Samsung 11.0-smr-oct-2021-r1 (including) 11.0-smr-oct-2021-r1 (including)
Android Samsung 11.0-smr-oct-2022-r1 (including) 11.0-smr-oct-2022-r1 (including)
Android Samsung 11.0-smr-sep-2021-r1 (including) 11.0-smr-sep-2021-r1 (including)
Android Samsung 11.0-smr-sep-2022-r1 (including) 11.0-smr-sep-2022-r1 (including)
Android Samsung 12.0 (including) 12.0 (including)
Android Samsung 12.0-smr-apr-2022-r1 (including) 12.0-smr-apr-2022-r1 (including)
Android Samsung 12.0-smr-aug-2022-r1 (including) 12.0-smr-aug-2022-r1 (including)
Android Samsung 12.0-smr-dec-2022-r1 (including) 12.0-smr-dec-2022-r1 (including)
Android Samsung 12.0-smr-feb-2022-r1 (including) 12.0-smr-feb-2022-r1 (including)
Android Samsung 12.0-smr-feb-2023-r1 (including) 12.0-smr-feb-2023-r1 (including)
Android Samsung 12.0-smr-jan-2023-r1 (including) 12.0-smr-jan-2023-r1 (including)
Android Samsung 12.0-smr-jul-2022-r1 (including) 12.0-smr-jul-2022-r1 (including)
Android Samsung 12.0-smr-jun-2022-r1 (including) 12.0-smr-jun-2022-r1 (including)
Android Samsung 12.0-smr-mar-2022-r1 (including) 12.0-smr-mar-2022-r1 (including)
Android Samsung 12.0-smr-mar-2023-r1 (including) 12.0-smr-mar-2023-r1 (including)
Android Samsung 12.0-smr-may-2022-r1 (including) 12.0-smr-may-2022-r1 (including)
Android Samsung 12.0-smr-nov-2022-r1 (including) 12.0-smr-nov-2022-r1 (including)
Android Samsung 12.0-smr-oct-2022-r1 (including) 12.0-smr-oct-2022-r1 (including)
Android Samsung 12.0-smr-sep-2022-r1 (including) 12.0-smr-sep-2022-r1 (including)
Android Samsung 13.0 (including) 13.0 (including)
Android Samsung 13.0-smr-apr-2022-r1 (including) 13.0-smr-apr-2022-r1 (including)
Android Samsung 13.0-smr-aug-2022-r1 (including) 13.0-smr-aug-2022-r1 (including)
Android Samsung 13.0-smr-dec-2022-r1 (including) 13.0-smr-dec-2022-r1 (including)
Android Samsung 13.0-smr-feb-2022-r1 (including) 13.0-smr-feb-2022-r1 (including)
Android Samsung 13.0-smr-feb-2023-r1 (including) 13.0-smr-feb-2023-r1 (including)
Android Samsung 13.0-smr-jan-2022-r1 (including) 13.0-smr-jan-2022-r1 (including)
Android Samsung 13.0-smr-jan-2023-r1 (including) 13.0-smr-jan-2023-r1 (including)
Android Samsung 13.0-smr-jul-2022-r1 (including) 13.0-smr-jul-2022-r1 (including)
Android Samsung 13.0-smr-jun-2022-r1 (including) 13.0-smr-jun-2022-r1 (including)
Android Samsung 13.0-smr-mar-2022-r1 (including) 13.0-smr-mar-2022-r1 (including)
Android Samsung 13.0-smr-mar-2023-r1 (including) 13.0-smr-mar-2023-r1 (including)
Android Samsung 13.0-smr-may-2022-r1 (including) 13.0-smr-may-2022-r1 (including)
Android Samsung 13.0-smr-nov-2022-r1 (including) 13.0-smr-nov-2022-r1 (including)
Android Samsung 13.0-smr-oct-2022-r1 (including) 13.0-smr-oct-2022-r1 (including)
Android Samsung 13.0-smr-sep-2022-r1 (including) 13.0-smr-sep-2022-r1 (including)

Potential Mitigations

References