CVE-2023-42571

7.6 HIGH

📋 TL;DR

This vulnerability in Samsung's Find My Mobile service allows a physical attacker to remotely unlock a lost device by resetting the Samsung Account password via SMS verification. It affects Samsung device users who haven't updated to the patched version of Find My Mobile.

💻 Affected Systems

Products:
  • Samsung Find My Mobile service
Versions: Prior to 7.3.13.4
Operating Systems: Android with Samsung services
Default Config Vulnerable: ⚠️ Yes
Notes: Requires physical access to the device and ability to trigger SMS verification.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attacker in physical possession of a lost or stolen device unlocks it, bypassing all device security and accessing all user data.

🟠 Likely Case

Physical attacker unlocks a stolen Samsung device to access personal data and accounts, and potentially commits financial fraud.

🟢 If Mitigated

Device remains locked and secure if the user has updated Find My Mobile or uses additional authentication factors.

🌐 Internet-Facing: LOW
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires physical access to device and knowledge of associated phone number.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 7.3.13.4

Vendor Advisory: https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=12

Restart Required: No

Instructions:

1. Open Galaxy Store or Google Play Store.
2. Search for 'Find My Mobile'.
3. Update to version 7.3.13.4 or later.
4. Ensure Samsung Account settings require additional authentication beyond SMS.

🔧 Temporary Workarounds

Disable SMS-based password reset (Android)

Configure Samsung Account to require additional authentication factors beyond SMS verification.

Enable additional lock screen security (Android)

Use biometric authentication or a strong PIN instead of a simple pattern.

🧯 If You Can't Patch

  • Disable Find My Mobile service temporarily
  • Enable remote wipe capability and monitor device location

🔍 How to Verify

Check if Vulnerable:

Check Find My Mobile app version in device settings or app store

Check Version:

Settings > Apps > Find My Mobile > App info > Version

Verify Fix Applied:

Confirm Find My Mobile version is 7.3.13.4 or later

📡 Detection & Monitoring

Log Indicators:

  • Multiple failed unlock attempts followed by successful remote unlock
  • Samsung Account password reset via SMS

Network Indicators:

  • SMS verification requests to Samsung servers from unusual locations

SIEM Query:

source="samsung_account" AND (event="password_reset" OR event="remote_unlock")
