Vulnerabilities > CVE-2022-28777 - Unspecified vulnerability in Samsung Members

CVSS 3.3 - LOW

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

LOW

Availability impact

NONE

local

low complexity

samsung

NVD

Published: 2022-04-11

Updated: 2023-06-28

Summary

Improper access control vulnerability in Samsung Members prior to version 13.6.08.5 allows local attacker to execute call function without CALL_PHONE permission.

Vulnerable Configurations

Part	Description	Count
Application	Samsung Samsung Members - Samsung Members 2.4.81.13 Samsung Members 2.4.85.11 Samsung Members 3.8.00.13 Samsung Members 3.9.10.11 Samsung Members 4.2.005	6

References

https://security.samsungmobile.com/serviceWeb.smsb?year=2022&month=4