Vulnerabilities > Samsung
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-07 | CVE-2022-30746 | Missing Authorization vulnerability in Samsung Smartthings 1.7.73.22 Missing caller check in Smart Things prior to version 1.7.85.12 allows attacker to access senstive information remotely using javascript interface API. | 7.5 |
| 2022-06-07 | CVE-2022-30747 | Incorrect Default Permissions vulnerability in Samsung Smartthings 1.7.73.22/1.7.85.12 PendingIntent hijacking vulnerability in Smart Things prior to 1.7.85.25 allows local attackers to access files without permission via implicit Intent. | 5.5 |
| 2022-06-07 | CVE-2022-30748 | Unspecified vulnerability in Samsung Members Unprotected dynamic receiver in Samsung Members prior to version 4.2.005 allows attacker to launch arbitrary activity. | 5.5 |
| 2022-06-07 | CVE-2022-30749 | Improper Authentication vulnerability in Samsung Smartthings 1.7.73.22/1.7.85.12 Improper access control vulnerability in Smart Things prior to 1.7.85.25 allows local attackers to add arbitrary smart devices by bypassing login activity. | 7.8 |
| 2022-05-03 | CVE-2022-28789 | Missing Authorization vulnerability in Samsung Voice Note Unprotected activities in Voice Note prior to version 21.3.51.11 allows attackers to record voice without user interaction. | 5.5 |
| 2022-05-03 | CVE-2022-28790 | Improper Authentication vulnerability in Samsung Link to Windows Service Improper authentication in Link to Windows Service prior to version 2.3.04.1 allows attacker to lock the device. | 3.3 |
| 2022-05-03 | CVE-2022-28791 | Improper Input Validation vulnerability in Samsung Galaxy Store 4.5.32.4/4.5.36.4 Improper input validation vulnerability in InstallAgent in Galaxy Store prior to version 4.5.41.8 allows attacker to overwrite files stored in a specific path. | 5.5 |
| 2022-05-03 | CVE-2022-28792 | Uncontrolled Search Path Element vulnerability in Samsung Gear Iconx PC Manager DLL hijacking vulnerability in Gear IconX PC Manager prior to version 2.1.220405.51 allows attacker to execute arbitrary code. | 7.8 |
| 2022-05-03 | CVE-2022-28793 | Improper Check for Unusual or Exceptional Conditions vulnerability in Samsung Galaxy S22 Firmware Given the TEE is compromised and controlled by the attacker, improper state maintenance in StrongBox allows attackers to change Android ROT during device boot cycle after compromising TEE. | 4.4 |
| 2022-04-11 | CVE-2022-27837 | Files or Directories Accessible to External Parties vulnerability in Samsung Accessibility 12.5.3.2 A vulnerability using PendingIntent in Accessibility prior to version 12.5.3.2 in Android R(11.0) and 13.0.1.1 in Android S(12.0) allows attacker to access the file with system privilege. | 7.8 |