Samsung

Active Debug Code vulnerability in ActivityManagerService prior to SMR May-2023 Release 1

CVE-2023-21496 5.5 - Medium - May 04, 2023

Active Debug Code vulnerability in ActivityManagerService prior to SMR May-2023 Release 1 allows attacker to use debug function via setting debug level.

Use of externally-controlled format string vulnerability in mPOS TUI trustlet prior to SMR May-2023 Release 1

CVE-2023-21497 7.8 - High - May 04, 2023

Use of externally-controlled format string vulnerability in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to access the memory address.

Use of Externally-Controlled Format String

Improper input validation vulnerability in setPartnerTAInfo in mPOS TUI trustlet prior to SMR May-2023 Release 1

CVE-2023-21498 7.8 - High - May 04, 2023

Improper input validation vulnerability in setPartnerTAInfo in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to overwrite the trustlet memory.

Improper Input Validation

Double free validation vulnerability in setPinPadImages in mPOS TUI trustlet prior to SMR May-2023 Release 1

CVE-2023-21500 5.5 - Medium - May 04, 2023

Double free validation vulnerability in setPinPadImages in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to access the trustlet memory.

Double-free

Out-of-bounds write vulnerability in TA_Communication_mpos_encrypt_pin in mPOS TUI trustlet prior to SMR May-2023 Release 1

CVE-2023-21499 7.8 - High - May 04, 2023

Out-of-bounds write vulnerability in TA_Communication_mpos_encrypt_pin in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to execute arbitrary code.

Memory Corruption

Potential buffer overflow vulnerability in mm_Plmncoordination.c in Shannon baseband prior to SMR May-2023 Release 1

CVE-2023-21504 9.8 - Critical - May 04, 2023

Potential buffer overflow vulnerability in mm_Plmncoordination.c in Shannon baseband prior to SMR May-2023 Release 1 allows remote attackers to cause invalid memory access.

Classic Buffer Overflow

Out-of-bounds Write vulnerability while processing BC_TUI_CMD_SEND_RESOURCE_DATA command in bc_tui trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1

CVE-2023-21508 7.8 - High - May 04, 2023

Out-of-bounds Write vulnerability while processing BC_TUI_CMD_SEND_RESOURCE_DATA command in bc_tui trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to execute arbitrary code.

Memory Corruption

Out-of-bounds Write vulnerability while processing BC_TUI_CMD_UPDATE_SCREEN in bc_tui trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1

CVE-2023-21509 7.8 - High - May 04, 2023

Out-of-bounds Write vulnerability while processing BC_TUI_CMD_UPDATE_SCREEN in bc_tui trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to execute arbitrary code.

Memory Corruption

Out-of-bounds Read vulnerability while processing BC_TUI_CMD_UPDATE_SCREEN in bc_tui trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1

CVE-2023-21510 5.5 - Medium - May 04, 2023

Out-of-bounds Read vulnerability while processing BC_TUI_CMD_UPDATE_SCREEN in bc_tui trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to read arbitrary memory.

Out-of-bounds Read

Out-of-bounds Read vulnerability while processing CMD_COLDWALLET_BTC_SET_PRV_UTXO in bc_core trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1

CVE-2023-21511 5.5 - Medium - May 04, 2023

Out-of-bounds Read vulnerability while processing CMD_COLDWALLET_BTC_SET_PRV_UTXO in bc_core trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to read arbitrary memory.

Out-of-bounds Read

Improper access control vulnerability in Knox Enrollment Service prior to SMR May-2023 Release 1

CVE-2023-21495 5.5 - Medium - May 04, 2023

Improper access control vulnerability in Knox Enrollment Service prior to SMR May-2023 Release 1 allow attacker install KSP app when device admin is set.

Out-of-bounds Write vulnerability while processing BC_TUI_CMD_SEND_RESOURCE_DATA_ARRAY command in bc_tui trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1

CVE-2023-21506 7.8 - High - May 04, 2023

Out-of-bounds Write vulnerability while processing BC_TUI_CMD_SEND_RESOURCE_DATA_ARRAY command in bc_tui trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to execute arbitrary code.

Memory Corruption

Out-of-bounds Read vulnerability while processing BC_TUI_CMD_SEND_RESOURCE_DATA_ARRAY command in bc_tui trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1

CVE-2023-21507 5.5 - Medium - May 04, 2023

Out-of-bounds Read vulnerability while processing BC_TUI_CMD_SEND_RESOURCE_DATA_ARRAY command in bc_tui trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to read arbitrary memory.

Out-of-bounds Read

Improper access control vulnerability in AppLock prior to SMR May-2023 Release 1

CVE-2023-21484 7.8 - High - May 04, 2023

Improper access control vulnerability in AppLock prior to SMR May-2023 Release 1 allows local attackers without proper permission to execute a privileged operation.

authentification

Improper export of android application components vulnerability in VideoPreviewActivity in Call Settings to SMR May-2023 Release 1

CVE-2023-21485 4.6 - Medium - May 04, 2023

Improper export of android application components vulnerability in VideoPreviewActivity in Call Settings to SMR May-2023 Release 1 allows physical attackers to access some media data stored in sandbox.

Improper export of android application components vulnerability in ImagePreviewActivity in Call Settings to SMR May-2023 Release 1

CVE-2023-21486 4.6 - Medium - May 04, 2023

Improper export of android application components vulnerability in ImagePreviewActivity in Call Settings to SMR May-2023 Release 1 allows physical attackers to access some media data stored in sandbox.

Improper access control vulnerability in Telephony framework prior to SMR May-2023 Release 1

CVE-2023-21487 3.3 - Low - May 04, 2023

Improper access control vulnerability in Telephony framework prior to SMR May-2023 Release 1 allows local attackers to change a call setting.

authentification

Improper access control vulnerablility in Tips prior to SMR May-2023 Release 1

CVE-2023-21488 7.8 - High - May 04, 2023

Improper access control vulnerablility in Tips prior to SMR May-2023 Release 1 allows local attackers to launch arbitrary activity in Tips.

Heap out-of-bounds write vulnerability in bootloader prior to SMR May-2023 Release 1

CVE-2023-21489 6.8 - Medium - May 04, 2023

Heap out-of-bounds write vulnerability in bootloader prior to SMR May-2023 Release 1 allows a physical attacker to execute arbitrary code.

Memory Corruption

Improper access control in GearManagerStub prior to SMR May-2023 Release 1

CVE-2023-21490 7.1 - High - May 04, 2023

Improper access control in GearManagerStub prior to SMR May-2023 Release 1 allows a local attacker to delete applications installed by watchmanager.

Improper access control vulnerability in ThemeManager prior to SMR May-2023 Release 1

CVE-2023-21491 7.8 - High - May 04, 2023

Improper access control vulnerability in ThemeManager prior to SMR May-2023 Release 1 allows local attackers to write arbitrary files with system privilege.

Kernel pointers are printed in the log file prior to SMR May-2023 Release 1

CVE-2023-21492 4.4 - Medium - May 04, 2023

Kernel pointers are printed in the log file prior to SMR May-2023 Release 1 allows a privileged local attacker to bypass ASLR.

Insertion of Sensitive Information into Log File

Improper access control vulnerability in SemShareFileProvider prior to SMR May-2023 Release 1

CVE-2023-21493 5.5 - Medium - May 04, 2023

Improper access control vulnerability in SemShareFileProvider prior to SMR May-2023 Release 1 allows local attackers to access protected data.

Improper input validation vulnerability in mPOS fiserve trustlet prior to SMR May-2023 Release 1

CVE-2023-21501 7.8 - High - May 04, 2023

Improper input validation vulnerability in mPOS fiserve trustlet prior to SMR May-2023 Release 1 allows local attackers to execute arbitrary code.

Improper Input Validation

Improper input validation vulnerability in FactoryTest application prior to SMR May-2023 Release 1

CVE-2023-21502 7.8 - High - May 04, 2023

Improper input validation vulnerability in FactoryTest application prior to SMR May-2023 Release 1 allows local attackers to get privilege escalation via debugging commands.

Improper Input Validation

Improper access control in Samsung Core Service prior to version 2.1.00.36

CVE-2023-21505 8.6 - High - May 04, 2023

Improper access control in Samsung Core Service prior to version 2.1.00.36 allows attacker to write arbitrary file in sandbox.

Improper access control vulnerability in Call application prior to SMR Mar-2023 Release 1

CVE-2023-21449 5.5 - Medium - March 16, 2023

Improper access control vulnerability in Call application prior to SMR Mar-2023 Release 1 allows local attackers to access sensitive information without proper permission.

Improper input validation vulnerability in SoftSim TA prior to SMR Mar-2023 Release 1

CVE-2023-21453 5.5 - Medium - March 16, 2023

Improper input validation vulnerability in SoftSim TA prior to SMR Mar-2023 Release 1 allows local attackers access to protected data.

Improper Input Validation

Improper access control vulnerability in Bluetooth prior to SMR Mar-2023 Release 1

CVE-2023-21457 8.1 - High - March 16, 2023

Improper access control vulnerability in Bluetooth prior to SMR Mar-2023 Release 1 allows attackers to send file via Bluetooth without related permission.

Improper privilege management vulnerability in PhoneStatusBarPolicy in System UI prior to SMR Mar-2023 Release 1

CVE-2023-21458 3.3 - Low - March 16, 2023

Improper privilege management vulnerability in PhoneStatusBarPolicy in System UI prior to SMR Mar-2023 Release 1 allows attacker to turn off Do not disturb via unprotected intent.

Improper Privilege Management

Improper authentication in SecSettings prior to SMR Mar-2023 Release 1

CVE-2023-21460 4.4 - Medium - March 16, 2023

Improper authentication in SecSettings prior to SMR Mar-2023 Release 1 allows attacker to reset the setting.

authentification

Improper authorization vulnerability in AutoPowerOnOffConfirmDialog in Settings prior to SMR Mar-2023 Release 1

CVE-2023-21461 5.5 - Medium - March 16, 2023

Improper authorization vulnerability in AutoPowerOnOffConfirmDialog in Settings prior to SMR Mar-2023 Release 1 allows local attacker to turn device off via unprotected activity.

Improper access control vulnerability in BixbyTouch prior to version 3.2.02.5 in China models

CVE-2023-21465 5.5 - Medium - March 16, 2023

Improper access control vulnerability in BixbyTouch prior to version 3.2.02.5 in China models allows untrusted applications access local files.

Improper usage of implicit intent in Bluetooth prior to SMR Mar-2023 Release 1

CVE-2023-21452 3.3 - Low - March 16, 2023

Improper usage of implicit intent in Bluetooth prior to SMR Mar-2023 Release 1 allows attacker to get MAC address of connected device.

Improper authorization in Samsung Keyboard prior to SMR Mar-2023 Release 1

CVE-2023-21454 2.4 - Low - March 16, 2023

Improper authorization in Samsung Keyboard prior to SMR Mar-2023 Release 1 allows physical attacker to access users text history on the lockscreen.

Path traversal vulnerability in Galaxy Themes Service prior to SMR Mar-2023 Release 1

CVE-2023-21456 5.5 - Medium - March 16, 2023

Path traversal vulnerability in Galaxy Themes Service prior to SMR Mar-2023 Release 1 allows attacker to access arbitrary file with system uid.

Directory traversal

Improper usage of implict intent in ePDG prior to SMR JAN-2023 Release 1

CVE-2023-21429 3.3 - Low - February 09, 2023

Improper usage of implict intent in ePDG prior to SMR JAN-2023 Release 1 allows attacker to access SSID.

An out-of-bound read vulnerability in mapToBuffer function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR JAN-2023 Release 1

CVE-2023-21430 7.8 - High - February 09, 2023

An out-of-bound read vulnerability in mapToBuffer function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR JAN-2023 Release 1 allows attacker to cause memory access fault.

Out-of-bounds Read

Exposure of Sensitive Information vulnerability in Fingerprint TA prior to SMR Feb-2023 Release 1

CVE-2023-21435 5.5 - Medium - February 09, 2023

Exposure of Sensitive Information vulnerability in Fingerprint TA prior to SMR Feb-2023 Release 1 allows attackers to access the memory address information via log.

Insertion of Sensitive Information into Log File

Improper usage of implicit intent in Contacts prior to SMR Feb-2023 Release 1

CVE-2023-21436 3.3 - Low - February 09, 2023

Improper usage of implicit intent in Contacts prior to SMR Feb-2023 Release 1 allows attacker to get account ID.

Improper access control vulnerability in Phone application prior to SMR Feb-2023 Release 1

CVE-2023-21437 5.5 - Medium - February 09, 2023

Improper access control vulnerability in Phone application prior to SMR Feb-2023 Release 1 allows local attackers to access sensitive information via implicit broadcast.

authentification

Improper logic in HomeScreen prior to SMR Feb-2023 Release 1

CVE-2023-21438 2.4 - Low - February 09, 2023

Improper logic in HomeScreen prior to SMR Feb-2023 Release 1 allows physical attacker to access App preview protected by Secure Folder.

Exposure of Resource to Wrong Sphere

Improper input validation vulnerability in UwbDataTxStatusEvent prior to SMR Feb-2023 Release 1

CVE-2023-21439 7.8 - High - February 09, 2023

Improper input validation vulnerability in UwbDataTxStatusEvent prior to SMR Feb-2023 Release 1 allows attackers to launch certain activities.

Improper Input Validation

Improper access control vulnerability in WindowManagerService prior to SMR Feb-2023 Release 1

CVE-2023-21440 5.5 - Medium - February 09, 2023

Improper access control vulnerability in WindowManagerService prior to SMR Feb-2023 Release 1 allows attackers to take a screen capture.

Inclusion of Functionality from Untrusted Control Sphere

Insufficient Verification of Data Authenticity vulnerability in Routine prior to versions 2.6.30.6 in Android Q(10), 3.1.21.10 in Android R(11) and 3.5.2.23 in Android S(12)

CVE-2023-21441 5.5 - Medium - February 09, 2023

Insufficient Verification of Data Authenticity vulnerability in Routine prior to versions 2.6.30.6 in Android Q(10), 3.1.21.10 in Android R(11) and 3.5.2.23 in Android S(12) allows local attacker to access protected files via unused code.

Insufficient Verification of Data Authenticity

Improper Handling of Insufficient Permissions or Privileges vulnerability in KnoxCustomManagerService prior to SMR Jan-2023 Release 1

CVE-2023-21421 7.8 - High - February 09, 2023

Improper Handling of Insufficient Permissions or Privileges vulnerability in KnoxCustomManagerService prior to SMR Jan-2023 Release 1 allows attacker to access device SIM PIN.

Improper Privilege Management

Improper authorization vulnerability in semAddPublicDnsAddr in WifiSevice prior to SMR Jan-2023 Release 1

CVE-2023-21422 5.5 - Medium - February 09, 2023

Improper authorization vulnerability in semAddPublicDnsAddr in WifiSevice prior to SMR Jan-2023 Release 1 allows attackers to set custom DNS server without permission via binding WifiService.

AuthZ

Improper authorization vulnerability in ChnFileShareKit prior to SMR Jan-2023 Release 1

CVE-2023-21423 5.5 - Medium - February 09, 2023

Improper authorization vulnerability in ChnFileShareKit prior to SMR Jan-2023 Release 1 allows attacker to control BLE advertising without permission using unprotected action.

AuthZ

Improper Handling of Insufficient Permissions or Privileges vulnerability in SemChameleonHelper prior to SMR Jan-2023 Release 1

CVE-2023-21424 3.3 - Low - February 09, 2023

Improper Handling of Insufficient Permissions or Privileges vulnerability in SemChameleonHelper prior to SMR Jan-2023 Release 1 allows attacker to modify network related values, network code, carrier id and operator brand.

AuthZ

Improper access control vulnerability in telecom application prior to SMR JAN-2023 Release 1

CVE-2023-21425 5.5 - Medium - February 09, 2023

Improper access control vulnerability in telecom application prior to SMR JAN-2023 Release 1 allows local attackers to get sensitive information.

authentification

Hardcoded AES key to encrypt cardemulation PINs in NFC prior to SMR Jan-2023 Release 1

CVE-2023-21426 5.5 - Medium - February 09, 2023

Hardcoded AES key to encrypt cardemulation PINs in NFC prior to SMR Jan-2023 Release 1 allows attackers to access cardemulation PIN.

Use of Hard-coded Credentials

Improper access control vulnerability in NfcTile prior to SMR Jan-2023 Release 1

CVE-2023-21427 6.5 - Medium - February 09, 2023

Improper access control vulnerability in NfcTile prior to SMR Jan-2023 Release 1 allows to attacker to use NFC without user recognition.

Improper input validation vulnerability in TelephonyUI prior to SMR Jan-2023 Release 1 allows attackers to configure Preferred Call

CVE-2023-21428 3.3 - Low - February 09, 2023

Improper input validation vulnerability in TelephonyUI prior to SMR Jan-2023 Release 1 allows attackers to configure Preferred Call. The patch removes unused code.

Improper Input Validation

Improper access control vulnerabilities in Smart Things prior to 1.7.93

CVE-2023-21432 7.8 - High - February 09, 2023

Improper access control vulnerabilities in Smart Things prior to 1.7.93 allows to attacker to invite others without authorization of the owner.

Improper access control vulnerability in Runestone application prior to version 2.9.09.003 in Android R(11) and 3.2.01.007 in Android S(12)

CVE-2023-21442 5.5 - Medium - February 09, 2023

Improper access control vulnerability in Runestone application prior to version 2.9.09.003 in Android R(11) and 3.2.01.007 in Android S(12) allows local attackers to get device location information.

Use of Externally-Controlled Format String vulnerabilities in STST TA prior to SMR Jan-2023 Release 1

CVE-2023-21420 7.8 - High - February 09, 2023

Use of Externally-Controlled Format String vulnerabilities in STST TA prior to SMR Jan-2023 Release 1 allows arbitrary code execution.

Use of Externally-Controlled Format String

Improper access control vulnerability in MyFiles prior to versions 12.2.09 in Android R(11), 13.1.03.501 in Android S(12) and 14.1.00.422 in Android T(13)

CVE-2023-21445 7.8 - High - February 09, 2023

Improper access control vulnerability in MyFiles prior to versions 12.2.09 in Android R(11), 13.1.03.501 in Android S(12) and 14.1.00.422 in Android T(13) allows local attacker to write file with MyFiles privilege via implicit intent.

Exposure of Resource to Wrong Sphere

Improper input validation in MyFiles prior to version 12.2.09 in Android R(11), 13.1.03.501 in Android S( 12) and 14.1.00.422 in Android T(13)

CVE-2023-21446 5.5 - Medium - February 09, 2023

Improper input validation in MyFiles prior to version 12.2.09 in Android R(11), 13.1.03.501 in Android S( 12) and 14.1.00.422 in Android T(13) allows local attacker to access data of MyFiles.

Improper Input Validation

A Stack-based overflow vulnerability in IpcRxEmbmsSessionList in SECRIL prior to Android S(12)

CVE-2023-21451 7.8 - High - February 09, 2023

A Stack-based overflow vulnerability in IpcRxEmbmsSessionList in SECRIL prior to Android S(12) allows attacker to cause memory corruptions.

Memory Corruption

Improper input validation in Bixby Vision prior to version 3.7.70.17

CVE-2023-21431 3.3 - Low - February 09, 2023

Improper input validation in Bixby Vision prior to version 3.7.70.17 allows attacker to access data of Bixby Vision.

Improper Input Validation

Improper access control vulnerability in Galaxy Store prior to version 4.5.49.8

CVE-2023-21433 7.8 - High - February 09, 2023

Improper access control vulnerability in Galaxy Store prior to version 4.5.49.8 allows local attackers to install applications from Galaxy Store.

Incorrect Default Permissions

Improper cryptographic implementation in Samsung Flow for Android prior to version 4.9.04

CVE-2023-21443 8.8 - High - February 09, 2023

Improper cryptographic implementation in Samsung Flow for Android prior to version 4.9.04 allows adjacent attackers to decrypt encrypted messages or inject commands.

Inadequate Encryption Strength

Improper cryptographic implementation in Samsung Flow for PC 4.9.14.0

CVE-2023-21444 8.8 - High - February 09, 2023

Improper cryptographic implementation in Samsung Flow for PC 4.9.14.0 allows adjacent attackers to decrypt encrypted messages or inject commands.

Inadequate Encryption Strength

Improper access control vulnerabilities in Samsung Cloud prior to version 5.3.0.32

CVE-2023-21447 3.3 - Low - February 09, 2023

Improper access control vulnerabilities in Samsung Cloud prior to version 5.3.0.32 allows local attackers to access information with Samsung Cloud's privilege via implicit intent.

Exposure of Resource to Wrong Sphere

Path traversal vulnerability in Samsung Cloud prior to version 5.3.0.32

CVE-2023-21448 3.3 - Low - February 09, 2023

Path traversal vulnerability in Samsung Cloud prior to version 5.3.0.32 allows attacker to access specific png file.

Directory traversal

Missing Authorization vulnerability in One Hand Operation + prior to version 6.1.21

CVE-2023-21450 2.1 - Low - February 09, 2023

Missing Authorization vulnerability in One Hand Operation + prior to version 6.1.21 allows multi-users to access owner's widget without authorization via gesture setting.

AuthZ

Improper input validation vulnerability in Galaxy Store prior to version 4.5.49.8

CVE-2023-21434 6.1 - Medium - February 09, 2023

Improper input validation vulnerability in Galaxy Store prior to version 4.5.49.8 allows local attackers to execute JavaScript by launching a web page.

XSS

Insufficient verification of data authenticity vulnerability in Samsung Gear IconX PC Manager prior to version 2.1.221019.51

CVE-2022-39909 5.5 - Medium - December 08, 2022

Insufficient verification of data authenticity vulnerability in Samsung Gear IconX PC Manager prior to version 2.1.221019.51 allows local attackers to create arbitrary file using symbolic link.

Insufficient Verification of Data Authenticity

Improper access control vulnerability in Samsung Pass prior to version 4.0.06.7

CVE-2022-39910 4.2 - Medium - December 08, 2022

Improper access control vulnerability in Samsung Pass prior to version 4.0.06.7 allow physical attackers to access data of Samsung Pass on a certain state of an unlocked device using pop-up view.

Improper check or handling of exceptional conditions vulnerability in Samsung Pass prior to version 4.0.06.1

CVE-2022-39911 6.8 - Medium - December 08, 2022

Improper check or handling of exceptional conditions vulnerability in Samsung Pass prior to version 4.0.06.1 allows attacker to access Samsung Pass.

Improper access control vulnerability in GalaxyWatch4Plugin prior to versions 2.2.11.22101351 and 2.2.12.22101351

CVE-2022-39889 3.3 - Low - November 09, 2022

Improper access control vulnerability in GalaxyWatch4Plugin prior to versions 2.2.11.22101351 and 2.2.12.22101351 allows attackers to access wearable device information.

Improper Authorization in Samsung Billing prior to version 5.0.56.0

CVE-2022-39890 7.5 - High - November 09, 2022

Improper Authorization in Samsung Billing prior to version 5.0.56.0 allows attacker to get sensitive information.

Heap overflow vulnerability in parse_pce function in libsavsaudio.so in Editor Lite prior to version 4.0.41.3

CVE-2022-39891 7.5 - High - November 09, 2022

Heap overflow vulnerability in parse_pce function in libsavsaudio.so in Editor Lite prior to version 4.0.41.3 allows attacker to get information.

Memory Corruption

Improper access control in Samsung Pass prior to version 4.0.05.1

CVE-2022-39892 9.8 - Critical - November 09, 2022

Improper access control in Samsung Pass prior to version 4.0.05.1 allows attackers to unauthenticated access via keep open feature.

Sensitive information exposure vulnerability in FmmBaseModel in Galaxy Buds Pro Manage prior to version 4.1.22092751

CVE-2022-39893 3.3 - Low - November 09, 2022

Sensitive information exposure vulnerability in FmmBaseModel in Galaxy Buds Pro Manage prior to version 4.1.22092751 allows local attackers with log access permission to get device identifier data through device log.

Insertion of Sensitive Information into Log File

Improper access control vulnerability in QuickShare prior to version 13.2.3.5

CVE-2022-39860 3.5 - Low - October 07, 2022

Improper access control vulnerability in QuickShare prior to version 13.2.3.5 allows attackers to access sensitive information via implicit broadcast.

Exposure of Resource to Wrong Sphere

Implicit intent hijacking vulnerability in UPHelper library prior to version 3.0.12

CVE-2022-39859 3.3 - Low - October 07, 2022

Implicit intent hijacking vulnerability in UPHelper library prior to version 3.0.12 allows attackers to access sensitive information via implicit intent.

Path traversal vulnerability in AtBroadcastReceiver in FactoryCamera prior to version 3.5.51

CVE-2022-39858 7.8 - High - October 07, 2022

Path traversal vulnerability in AtBroadcastReceiver in FactoryCamera prior to version 3.5.51 allows attackers to write arbitrary file as FactoryCamera privilege.

Directory traversal

Improper access control vulnerability in CameraTestActivity in FactoryCameraFB prior to version 3.5.51

CVE-2022-39857 5.5 - Medium - October 07, 2022

Improper access control vulnerability in CameraTestActivity in FactoryCameraFB prior to version 3.5.51 allows attackers to access broadcasting Intent as system uid privilege.

Exposure of Resource to Wrong Sphere

Improper authorization vulnerability in Samsung Internet prior to version 18.0.4.14

CVE-2022-39873 4.6 - Medium - October 07, 2022

Improper authorization vulnerability in Samsung Internet prior to version 18.0.4.14 allows physical attackers to add bookmarks in secret mode without user authentication.

AuthZ

Improper access control vulnerability in Samsung Checkout prior to version 5.0.55.3

CVE-2022-39878 5.5 - Medium - October 07, 2022

Improper access control vulnerability in Samsung Checkout prior to version 5.0.55.3 allows attackers to access sensitive information via implicit intent broadcast.

Insertion of Sensitive Information into Log in PushRegIdUpdateClient of SReminder prior to 8.2.01.13

CVE-2022-39876 3.3 - Low - October 07, 2022

Insertion of Sensitive Information into Log in PushRegIdUpdateClient of SReminder prior to 8.2.01.13 allows attacker to access device IMEI.

Insertion of Sensitive Information into Log File

Improper component protection vulnerability in Samsung Account prior to version 13.5.0

CVE-2022-39875 4.4 - Medium - October 07, 2022

Improper component protection vulnerability in Samsung Account prior to version 13.5.0 allows attackers to unauthorized logout.

Sensitive log information leakage vulnerability in Samsung Account prior to version 13.5.0

CVE-2022-39874 5.5 - Medium - October 07, 2022

Sensitive log information leakage vulnerability in Samsung Account prior to version 13.5.0 allows attackers to unauthorized logout.

Insertion of Sensitive Information into Log File

Improper restriction of broadcasting Intent in ShareLive prior to version 13.2.03.5 leaks MAC address of the connected Bluetooth device.

CVE-2022-39872 3.3 - Low - October 07, 2022

Improper restriction of broadcasting Intent in ShareLive prior to version 13.2.03.5 leaks MAC address of the connected Bluetooth device.

Improper Handling of Exceptional Conditions

Improper access control vulnerability cloudNotificationManager.java in SmartThings prior to version 1.7.89.0

CVE-2022-39871 7.5 - High - October 07, 2022

Improper access control vulnerability cloudNotificationManager.java in SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via implicit broadcasts.

Exposure of Resource to Wrong Sphere

Improper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0

CVE-2022-39869 7.5 - High - October 07, 2022

Improper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via REMOVE_PERSISTENT_BANNER broadcast.

Exposure of Resource to Wrong Sphere

Improper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0

CVE-2022-39870 7.5 - High - October 07, 2022

Improper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via PUSH_MESSAGE_RECEIVED broadcast.

Exposure of Resource to Wrong Sphere

Unprotected Receiver in AtBroadcastReceiver in FactoryCamera prior to version 3.5.51

CVE-2022-39861 3.3 - Low - October 07, 2022

Unprotected Receiver in AtBroadcastReceiver in FactoryCamera prior to version 3.5.51 allows attackers to record video without camera privilege.

AuthZ

Intent redirection vulnerability in Samsung Account prior to version 13.5.01.3

CVE-2022-39863 4.7 - Medium - October 07, 2022

Intent redirection vulnerability in Samsung Account prior to version 13.5.01.3 allows attackers to access content providers without permission.

Improper access control vulnerability in WifiSetupLaunchHelper in SmartThings prior to version 1.7.89.25

CVE-2022-39864 7.5 - High - October 07, 2022

Improper access control vulnerability in WifiSetupLaunchHelper in SmartThings prior to version 1.7.89.25 allows attackers to access sensitive information via implicit intent.

Exposure of Resource to Wrong Sphere

Improper access control vulnerability in RegisteredEventMediator.kt SmartThings prior to version 1.7.89.0

CVE-2022-39866 7.5 - High - October 07, 2022

Improper access control vulnerability in RegisteredEventMediator.kt SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via implicit broadcast.

Exposure of Resource to Wrong Sphere

Improper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0

CVE-2022-39867 7.5 - High - October 07, 2022

Improper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via SHOW_PERSISTENT_BANNER broadcast.

Exposure of Resource to Wrong Sphere

Improper access control vulnerability in GedSamsungAccount.kt SmartThings prior to version 1.7.89.0

CVE-2022-39868 7.5 - High - October 07, 2022

Improper access control vulnerability in GedSamsungAccount.kt SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via implicit broadcast.

Exposure of Resource to Wrong Sphere

Improper access control vulnerability in ContentsSharingActivity.java SmartThings prior to version 1.7.89.0

CVE-2022-39865 7.5 - High - October 07, 2022

Improper access control vulnerability in ContentsSharingActivity.java SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via implicit broadcast.

Exposure of Resource to Wrong Sphere

An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PRE)

CVE-2022-40279 7.5 - High - September 29, 2022

An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PRE). l2_packet_receive_timeout in wpa_supplicant/src/l2_packet/l2_packet_pcap.c has a missing check on the return value of pcap_dispatch, leading to a denial of service (malfunction).

Unchecked Return Value

An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PRE)

CVE-2022-40278 7.5 - High - September 29, 2022

An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PRE). createDB in security/provisioning/src/provisioningdatabasemanager.c has a missing sqlite3_free after sqlite3_exec, leading to a denial of service.

Dangling pointer

The function tee_obj_free in Samsung mTower through 0.3.0

CVE-2022-40761 7.5 - High - September 16, 2022

The function tee_obj_free in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_AllocateOperation with a disturbed heap layout, related to utee_cryp_obj_alloc.

Improper Input Validation

A Buffer Access with Incorrect Length Value vulnerablity in the TEE_MACUpdate function in Samsung mTower through 0.3.0

CVE-2022-40760 7.5 - High - September 16, 2022

A Buffer Access with Incorrect Length Value vulnerablity in the TEE_MACUpdate function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_MACUpdate with an excessive size value of chunkSize.

Buffer Overflow

A Buffer Access with Incorrect Length Value vulnerablity in the TEE_CipherUpdate function in Samsung mTower through 0.3.0

CVE-2022-40758 7.5 - High - September 16, 2022

A Buffer Access with Incorrect Length Value vulnerablity in the TEE_CipherUpdate function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_CipherUpdate with an excessive size value of srcLen.

Buffer Overflow