Lucene search

Samsung MobileCVELIST:CVE-2022-33730

HistoryAug 05, 2022 - 3:21 p.m.

CVE-2022-33730

2022-08-0515:21:02

CWE-787

Samsung Mobile

www.cve.org

samsung dex

buffer overflow

arbitrary code execution

physical attackers

CVSS3

6.8

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

7.2

Confidence

High

EPSS

0.001

Percentile

23.3%

JSON

Heap-based buffer overflow vulnerability in Samsung Dex for PC prior to SMR Aug-2022 Release 1 allows arbitrary code execution by physical attackers.

CNA Affected

[
  {
    "product": "Samsung Mobile Devices",
    "vendor": "Samsung Mobile",
    "versions": [
      {
        "lessThan": "SMR Aug-2022 Release 1",
        "status": "affected",
        "version": "S(12)",
        "versionType": "custom"
      }
    ]
  }
]

References

security.samsungmobile.com/securityUpdate.smsb?year=2022&month=08

CVSS3

6.8

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

7.2

Confidence

High

EPSS

0.001

Percentile

23.3%

JSON

Related for CVELIST:CVE-2022-33730