Remote Unlock Vulnerability in Find My Mobile Prior to Version 7.3.13.4: Exploiting Samsung Account Password Reset with SMS Verification

Remote Unlock Vulnerability in Find My Mobile Prior to Version 7.3.13.4: Exploiting Samsung Account Password Reset with SMS Verification

CVE-2023-42571 · MEDIUM Severity

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Abuse of remote unlock in Find My Mobile prior to version 7.3.13.4 allows physical attacker to unlock the device remotely by resetting the Samsung Account password with SMS verification when user lost the device.

Learn more about our Mobile App Penetration Testing.