Vulnerabilities > Samsung > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-11 | CVE-2022-27839 | Improper Authentication vulnerability in Samsung Internet Improper authentication vulnerability in SecretMode in Samsung Internet prior to version 16.2.1 allows attackers to access bookmark tab without proper credentials. | 4.0 |
| 2022-04-11 | CVE-2022-27840 | Incorrect Default Permissions vulnerability in Samsung Recovery Improper access control vulnerability in SamsungRecovery prior to version 8.1.43.0 allows local attckers to delete arbitrary files as SamsungRecovery permission. | 4.4 |
| 2022-04-11 | CVE-2022-27841 | Improper Handling of Exceptional Conditions vulnerability in Samsung Pass 3.0.02.4 Improper exception handling in Samsung Pass prior to version 3.7.07.5 allows physical attacker to view the screen that is previously running without authentication | 4.3 |
| 2022-04-11 | CVE-2022-28542 | Incorrect Authorization vulnerability in Samsung Galaxy Store 4.5.32.4/4.5.36.4 Improper sanitization of incoming intent in Galaxy Store prior to version 4.5.40.5 allows local attackers to access privileged content providers as Galaxy Store permission. | 5.5 |
| 2022-04-11 | CVE-2022-28543 | Path Traversal vulnerability in Samsung Flow 4.8.03.5/4.8.5.0 Path traversal vulnerability in Samsung Flow prior to version 4.8.07.4 allows local attackers to read arbitrary files as Samsung Flow permission. | 5.5 |
| 2022-04-11 | CVE-2022-28544 | Path Traversal vulnerability in Samsung Galaxy Store 4.5.32.4/4.5.36.4 Path traversal vulnerability in unzip method of InstallAgentCommonHelper in Galaxy store prior to version 4.5.40.5 allows attacker to access the file of Galaxy store. | 5.5 |
| 2022-03-10 | CVE-2022-24932 | Improper Protection of Alternate Path vulnerability in Setup wizard process prior to SMR Mar-2022 Release 1 allows physical attacker package installation before finishing Setup wizard. | 4.6 |
| 2022-02-11 | CVE-2022-23433 | Unspecified vulnerability in Samsung Reminder 11.6.08.6000/12.2.05.6000 Improper access control vulnerability in Reminder prior to versions 12.3.01.3000 in Android S(12), 12.2.05.6000 in Android R(11) and 11.6.08.6000 in Andoid Q(10) allows attackers to register reminders or execute exporeted activities remotely. | 5.3 |
| 2022-02-11 | CVE-2022-23998 | Incorrect Authorization vulnerability in Samsung Camera Improper access control vulnerability in Camera prior to versions 11.1.02.16 in Android R(11), 10.5.03.77 in Android Q(10) and 9.0.6.68 in Android P(9) allows untrusted applications to take a picture in screenlock status. | 5.5 |
| 2022-02-11 | CVE-2022-24002 | Unspecified vulnerability in Samsung Link Sharing Improper Authorization vulnerability in Link Sharing prior to version 12.4.00.3 allows attackers to open protected activity via PreconditionActivity. | 5.3 |