Vulnerabilities > Samsung > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-08 | CVE-2022-39901 | Improper Authentication vulnerability in Samsung Exynos Firmware Improper authentication in Exynos baseband prior to SMR DEC-2022 Release 1 allows remote attacker to disable the network traffic encryption between UE and gNodeB. | 6.5 |
| 2022-12-08 | CVE-2022-39909 | Insufficient Verification of Data Authenticity vulnerability in Samsung Gear Iconx PC Manager 2.1.220405.51 Insufficient verification of data authenticity vulnerability in Samsung Gear IconX PC Manager prior to version 2.1.221019.51 allows local attackers to create arbitrary file using symbolic link. | 5.5 |
| 2022-12-08 | CVE-2022-39910 | Unspecified vulnerability in Samsung Pass 4.0.05.1 Improper access control vulnerability in Samsung Pass prior to version 4.0.06.7 allow physical attackers to access data of Samsung Pass on a certain state of an unlocked device using pop-up view. high complexity samsung | 4.2 |
| 2022-12-08 | CVE-2022-39911 | Unspecified vulnerability in Samsung Pass 4.0.05.1 Improper check or handling of exceptional conditions vulnerability in Samsung Pass prior to version 4.0.06.1 allows attacker to access Samsung Pass. low complexity samsung | 6.8 |
| 2022-12-08 | CVE-2022-39915 | Unspecified vulnerability in Samsung Calendar Improper access control vulnerability in Calendar prior to versions 11.6.08.0 in Android Q(10), 12.2.11.3000 in Android R(11), 12.3.07.2000 in Android S(12), and 12.4.02.0 in Android T(13) allows attackers to access sensitive information via implicit intent. | 5.5 |
| 2022-10-07 | CVE-2022-39857 | Unspecified vulnerability in Samsung Factorycamerafb 3.4.74 Improper access control vulnerability in CameraTestActivity in FactoryCameraFB prior to version 3.5.51 allows attackers to access broadcasting Intent as system uid privilege. | 5.5 |
| 2022-10-07 | CVE-2022-39863 | Unspecified vulnerability in Samsung Account Intent redirection vulnerability in Samsung Account prior to version 13.5.01.3 allows attackers to access content providers without permission. | 4.7 |
| 2022-10-07 | CVE-2022-39873 | Unspecified vulnerability in Samsung Internet Improper authorization vulnerability in Samsung Internet prior to version 18.0.4.14 allows physical attackers to add bookmarks in secret mode without user authentication. low complexity samsung | 4.6 |
| 2022-10-07 | CVE-2022-39874 | Information Exposure Through Log Files vulnerability in Samsung Account Sensitive log information leakage vulnerability in Samsung Account prior to version 13.5.0 allows attackers to unauthorized logout. | 5.5 |
| 2022-10-07 | CVE-2022-39875 | Unspecified vulnerability in Samsung Account Improper component protection vulnerability in Samsung Account prior to version 13.5.0 allows attackers to unauthorized logout. | 4.4 |