CVE-2023-30687
Description
Out-of-bounds Write in RmtUimApdu of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Out-of-bounds write in RmtUimApdu of libsec-ril on Samsung devices allows local attacker to execute arbitrary code.
Vulnerability
An out-of-bounds write vulnerability exists in the RmtUimApdu function of libsec-ril on Samsung devices. This affects all versions prior to SMR Aug-2023 Release 1. The bug resides in the radio interface layer library and is reachable via local access.
Exploitation
An attacker with local access to the device can trigger the out-of-bounds write by sending a crafted APDU command. No additional authentication or user interaction is required beyond local execution capability.
Impact
Successful exploitation allows arbitrary code execution in the context of the libsec-ril process, potentially leading to full compromise of the device's radio interface and further privilege escalation.
Mitigation
Samsung addressed this vulnerability in the SMR Aug-2023 Release 1 security update [1]. Users should apply the latest firmware patch. No workaround is available for unpatched devices.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Range: < SMR Aug-2023 Release 1
- Range: SMR Aug-2023 Release 1
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1News mentions
0No linked articles in our index yet.