12.0

CVSS 6.1 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

LOW

Integrity impact

LOW

Availability impact

NONE

network

low complexity

google

CWE-1021

NVD

Published: 2022-08-05

Updated: 2022-08-12

Summary

A vulnerable code in onCreate of BluetoothScanDialog prior to SMR Aug-2022 Release 1, allows attackers to trick the user to select an unwanted bluetooth device via tapjacking/overlay attack.

Vulnerable Configurations

Part	Description	Count
OS	Google Google Android 10.0 Google Android 11.0 Google Android 12.0	3

Common Weakness Enumeration (CWE)

CWE-1021 - Improper Restriction of Rendered UI Layers or Frames

References

https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=08