Vulnerabilities > Samsung

DATE CVE VULNERABILITY TITLE RISK
2022-05-03 CVE-2022-28790 Improper Authentication vulnerability in Samsung Link to Windows Service
Improper authentication in Link to Windows Service prior to version 2.3.04.1 allows attacker to lock the device.
local
low complexity
samsung CWE-287
3.3
2022-05-03 CVE-2022-28791 Improper Input Validation vulnerability in Samsung Galaxy Store 4.5.32.4/4.5.36.4
Improper input validation vulnerability in InstallAgent in Galaxy Store prior to version 4.5.41.8 allows attacker to overwrite files stored in a specific path.
local
low complexity
samsung CWE-20
5.5
2022-05-03 CVE-2022-28792 Uncontrolled Search Path Element vulnerability in Samsung Gear Iconx PC Manager
DLL hijacking vulnerability in Gear IconX PC Manager prior to version 2.1.220405.51 allows attacker to execute arbitrary code.
local
low complexity
samsung CWE-427
7.8
2022-05-03 CVE-2022-28793 Improper Check for Unusual or Exceptional Conditions vulnerability in Samsung Galaxy S22 Firmware
Given the TEE is compromised and controlled by the attacker, improper state maintenance in StrongBox allows attackers to change Android ROT during device boot cycle after compromising TEE.
local
low complexity
samsung CWE-754
4.4
2022-04-11 CVE-2022-27837 Files or Directories Accessible to External Parties vulnerability in Samsung Accessibility 12.5.3.2
A vulnerability using PendingIntent in Accessibility prior to version 12.5.3.2 in Android R(11.0) and 13.0.1.1 in Android S(12.0) allows attacker to access the file with system privilege.
local
low complexity
samsung CWE-552
7.8
2022-04-11 CVE-2022-27838 Unspecified vulnerability in Samsung Factorycamera
Improper access control vulnerability in FactoryCamera prior to version 2.1.96 allows attacker to access the file with system privilege.
local
low complexity
samsung
7.8
2022-04-11 CVE-2022-27839 Improper Authentication vulnerability in Samsung Internet
Improper authentication vulnerability in SecretMode in Samsung Internet prior to version 16.2.1 allows attackers to access bookmark tab without proper credentials.
local
low complexity
samsung CWE-287
4.0
2022-04-11 CVE-2022-27840 Incorrect Default Permissions vulnerability in Samsung Recovery
Improper access control vulnerability in SamsungRecovery prior to version 8.1.43.0 allows local attckers to delete arbitrary files as SamsungRecovery permission.
local
low complexity
samsung CWE-276
4.4
2022-04-11 CVE-2022-27841 Improper Handling of Exceptional Conditions vulnerability in Samsung Pass 3.0.02.4
Improper exception handling in Samsung Pass prior to version 3.7.07.5 allows physical attacker to view the screen that is previously running without authentication
low complexity
samsung CWE-755
4.3
2022-04-11 CVE-2022-27842 Uncontrolled Search Path Element vulnerability in Samsung Smart Switch PC
DLL hijacking vulnerability in Smart Switch PC prior to version 4.2.22022_4 allows attacker to execute abitrary code.
local
low complexity
samsung CWE-427
7.8