Cryptographic Vulnerability in Samsung Flow for Android: Message Decryption and Command Injection

Cryptographic Vulnerability in Samsung Flow for Android: Message Decryption and Command Injection

CVE-2023-21443 · HIGH Severity

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Improper cryptographic implementation in Samsung Flow for Android prior to version 4.9.04 allows adjacent attackers to decrypt encrypted messages or inject commands.

Learn more about our Cis Benchmark Audit For Google Android.