History: Aug 05, 2022 - 3:13 p.m.

CVE-2022-33727

2022-08-05 15:13:43
CWE-1021
Samsung Mobile
www.cve.org
vulnerable code
secdevicepickerdialog
tapjacking
overlay attack
bluetooth device.

CVSS3: 4.8

Attack Vector: LOCAL
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: REQUIRED
Scope: UNCHANGED
Confidentiality Impact: LOW
Integrity Impact: LOW
Availability Impact: LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L

EPSS: 0.001
Percentile: 28.8%

Vulnerable code in onCreate of SecDevicePickerDialog prior to SMR Aug-2022 Release 1 allows attackers to trick the user into selecting an unwanted Bluetooth device via a tapjacking/overlay attack.

CNA Affected

[
  {
    "product": "Samsung Mobile Devices",
    "vendor": "Samsung Mobile",
    "versions": [
      {
        "lessThan": "SMR Aug-2022 Release 1",
        "status": "affected",
        "version": "Q(10), R(11), S(12)",
        "versionType": "custom"
      }
    ]
  }
]
