CVE-2023-21482

6.1 MEDIUM

📋 TL;DR

A missing authorization vulnerability in Samsung Camera apps allows physical attackers to install packages through the Galaxy Store before completing the device setup wizard. This affects Samsung devices running Android 11, 12, and 13 with vulnerable Camera app versions. Attackers need physical access to exploit this vulnerability.

💻 Affected Systems

Products:
  • Samsung Camera app
Versions: Camera app versions prior to 11.1.02.18 in Android 11, prior to 12.1.03.8 in Android 12, and prior to 13.1.01.4 in Android 13
Operating Systems: Android 11, Android 12, Android 13
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects Samsung devices with vulnerable Camera app versions. Requires physical access during device setup wizard.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Physical attacker installs malicious apps during initial device setup, potentially gaining persistent access or compromising device security before user completes configuration.

🟠 Likely Case

Malicious actor with brief physical access during setup installs unwanted apps or spyware before device is secured.

🟢 If Mitigated

No impact if device setup is completed in secure environment or if physical access is controlled.

🌐 Internet-Facing: LOW - Requires physical access to device, not remotely exploitable.
🏢 Internal Only: MEDIUM - Physical access requirement makes this relevant for lost/stolen devices or insider threats during initial setup.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires physical access to device during initial setup process. No authentication bypass needed as vulnerability occurs before user completes setup.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Camera app version 11.1.02.18 for Android 11, 12.1.03.8 for Android 12, and 13.1.01.4 for Android 13

Vendor Advisory: https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=04

Restart Required: No

Instructions:

1. Update Samsung Camera app via Galaxy Store.
2. Ensure device receives latest security updates.
3. For enterprise devices, push updates via MDM solution.

🔧 Temporary Workarounds

Complete setup in secure environment

all

Ensure device setup wizard is completed in controlled, secure location without unauthorized physical access.

🧯 If You Can't Patch

  • Physically secure devices during initial setup process
  • Implement device enrollment controls via MDM to prevent unauthorized app installations

🔍 How to Verify

Check if Vulnerable:

Check Camera app version in Settings > Apps > Camera > App info. Compare against patched versions.

Check Version:

adb shell dumpsys package com.sec.android.app.camera | grep versionName

Verify Fix Applied:

Verify Camera app version is equal to or higher than patched versions: 11.1.02.18 (Android 11), 12.1.03.8 (Android 12), or 13.1.01.4 (Android 13).
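
The version comparison described above, as an added example (not Samsung's code and not part of the original page): a POSIX shell helper that pulls versionName out of the dumpsys output and compares it numerically, field by field, against the patched versions listed here. The function names and the sample output are constructed for illustration, and it assumes the first versionName line describes the installed package.

```sh
#!/bin/sh
# Added example: classify Samsung Camera versionName against the patched
# versions listed on this page. Function names are illustrative.

# Patched Camera version per Android release (values from this page).
patched_for() {
    case "$1" in
        11) echo "11.1.02.18" ;;
        12) echo "12.1.03.8" ;;
        13) echo "13.1.01.4" ;;
        *)  return 1 ;;
    esac
}

# version_lt A B: exit 0 when dotted version A is lower than B.
# Fields are compared as integers, so 03 equals 3 and 10 sorts above 8
# (a plain string comparison gets both of those wrong).
version_lt() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        n = split(a, x, "."); m = split(b, y, ".")
        for (i = 1; i <= (n > m ? n : m); i++) {
            if (x[i] + 0 < y[i] + 0) exit 0
            if (x[i] + 0 > y[i] + 0) exit 1
        }
        exit 1   # equal versions are not "lower"
    }'
}

# classify RELEASE DUMPSYS_TEXT: prints VULNERABLE, PATCHED or UNKNOWN.
# Assumption: the first versionName line describes the installed package.
classify() {
    fixed=$(patched_for "$1") || { echo UNKNOWN; return 0; }
    ver=$(printf '%s\n' "$2" |
          sed -n 's/^[[:space:]]*versionName=\([0-9.]*\).*/\1/p' | head -n 1)
    [ -n "$ver" ] || { echo UNKNOWN; return 0; }
    if version_lt "$ver" "$fixed"; then echo VULNERABLE; else echo PATCHED; fi
}

# Constructed sample of the grep output from the "Check Version" command.
SAMPLE='    versionName=12.1.03.7'
echo "Android 12, sample output: $(classify 12 "$SAMPLE")"

# Live use against a connected device:
#   rel=$(adb shell getprop ro.build.version.release | tr -d '\r')
#   classify "${rel%%.*}" "$(adb shell dumpsys package com.sec.android.app.camera)"
```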

📡 Detection & Monitoring

Log Indicators:

  • Package installation events during device setup phase
  • Galaxy Store activity before setup completion

Network Indicators:

  • Unexpected network traffic from Galaxy Store during initial setup

SIEM Query:

source="android_logs" AND (event="package_install" OR event="app_install") AND timestamp > device_first_boot AND timestamp < setup_complete
