Vulnerabilities > Samsung
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-03 | CVE-2022-28793 | Improper Check for Unusual or Exceptional Conditions vulnerability in Samsung Galaxy S22 Firmware Given the TEE is compromised and controlled by the attacker, improper state maintenance in StrongBox allows attackers to change Android ROT during device boot cycle after compromising TEE. | 4.4 |
| 2022-04-11 | CVE-2022-27837 | Files or Directories Accessible to External Parties vulnerability in Samsung Accessibility 12.5.3.2 A vulnerability using PendingIntent in Accessibility prior to version 12.5.3.2 in Android R(11.0) and 13.0.1.1 in Android S(12.0) allows attacker to access the file with system privilege. | 7.8 |
| 2022-04-11 | CVE-2022-27838 | Unspecified vulnerability in Samsung Factorycamera Improper access control vulnerability in FactoryCamera prior to version 2.1.96 allows attacker to access the file with system privilege. | 7.8 |
| 2022-04-11 | CVE-2022-27839 | Improper Authentication vulnerability in Samsung Internet Improper authentication vulnerability in SecretMode in Samsung Internet prior to version 16.2.1 allows attackers to access bookmark tab without proper credentials. | 4.0 |
| 2022-04-11 | CVE-2022-27840 | Incorrect Default Permissions vulnerability in Samsung Recovery Improper access control vulnerability in SamsungRecovery prior to version 8.1.43.0 allows local attckers to delete arbitrary files as SamsungRecovery permission. | 4.4 |
| 2022-04-11 | CVE-2022-27841 | Improper Handling of Exceptional Conditions vulnerability in Samsung Pass 3.0.02.4 Improper exception handling in Samsung Pass prior to version 3.7.07.5 allows physical attacker to view the screen that is previously running without authentication | 4.3 |
| 2022-04-11 | CVE-2022-27842 | Uncontrolled Search Path Element vulnerability in Samsung Smart Switch PC DLL hijacking vulnerability in Smart Switch PC prior to version 4.2.22022_4 allows attacker to execute abitrary code. | 7.8 |
| 2022-04-11 | CVE-2022-27843 | Uncontrolled Search Path Element vulnerability in Samsung Kies 2.3.2.12074/2.3.2.120741313/2.5.0.120942711 DLL hijacking vulnerability in Kies prior to version 2.6.4.22014_2 allows attacker to execute abitrary code. | 7.8 |
| 2022-04-11 | CVE-2022-28541 | Uncontrolled Search Path Element vulnerability in Samsung Update Uncontrolled search path element vulnerability in Samsung Update prior to version 3.0.77.0 allows attackers to execute arbitrary code as Samsung Update permission. | 7.8 |
| 2022-04-11 | CVE-2022-28542 | Incorrect Authorization vulnerability in Samsung Galaxy Store 4.5.32.4/4.5.36.4 Improper sanitization of incoming intent in Galaxy Store prior to version 4.5.40.5 allows local attackers to access privileged content providers as Galaxy Store permission. | 5.5 |