4 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
3.7 Low
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.2%
Improper access control vulnerability in MyFiles application prior to versions 12.2.09.0 in Android 11, 13.1.03.501 in Android 12 and 14.1.03.0 in Android 13 allows local attacker to get sensitive information of secret mode in Samsung Internet application with specific conditions.
CPE | Name | Operator | Version |
---|---|---|---|
samsung:myfiles | samsung myfiles | lt | 12.2.09.0 |
[
{
"vendor": "Samsung Mobile",
"product": "MyFiles",
"versions": [
{
"version": "unspecified",
"status": "affected",
"lessThan": "12.2.09.0 in Android 11, 13.1.03.501 in Android12 and 14.1.03.0 in Android 13",
"versionType": "custom"
}
]
}
]
4 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
3.7 Low
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.2%