2.2.05.22012751

CVSS 6.2 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

local

low complexity

samsung

CWE-755

NVD

Published: 2022-09-09

Updated: 2022-09-21

Summary

Improper Handling of Insufficient Permissions or Privileges vulnerability in Waterplugin prior to 2.2.11.22040751 allows attacker to access device IMEI and Serial number.

Vulnerable Configurations

Part	Description	Count
Application	Samsung Samsung Galaxy Watch Plugin - Samsung Galaxy Watch Plugin 2.2.05.21033151 Samsung Galaxy Watch Plugin 2.2.05.22012751 Samsung Galaxy Watch Plugin 2.2.05.220126741	4

Common Weakness Enumeration (CWE)

CWE-755 - Improper Handling of Exceptional Conditions

References

https://security.samsungmobile.com/serviceWeb.smsb?year=2022&month=09