Vulnerabilities > CVE-2022-39910 - Unspecified vulnerability in Samsung Pass 4.0.05.1

CVSS 4.2 - MEDIUM

Attack vector

PHYSICAL

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

high complexity

samsung

NVD

Published: 2022-12-08

Updated: 2022-12-12

Summary

Improper access control vulnerability in Samsung Pass prior to version 4.0.06.7 allow physical attackers to access data of Samsung Pass on a certain state of an unlocked device using pop-up view.

Vulnerable Configurations

Part	Description	Count
Application	Samsung Samsung Pass - Samsung Pass 4.0.05.1	2

References

https://security.samsungmobile.com/serviceWeb.smsb?year=2022&month=12