Vulnerabilities > CVE-2022-22268 - Files or Directories Accessible to External Parties vulnerability in Google Android

CVSS 6.1 - MEDIUM

Attack vector

PHYSICAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

NONE

low complexity

google

CWE-552

NVD

Published: 2022-01-10

Updated: 2022-01-14

Summary

Incorrect implementation of Knox Guard prior to SMR Jan-2022 Release 1 allows physically proximate attackers to temporary unlock the Knox Guard via Samsung DeX mode.

Vulnerable Configurations

Part	Description	Count
OS	Google Google Android 9.0 Google Android 10.0 Google Android 11.0 Google Android 12.0	4

Common Weakness Enumeration (CWE)

CWE-552 - Files or Directories Accessible to External Parties

References

https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=1