Lucene search

Account Security Vulnerabilities

cve

CVE-2021-25350

Information Exposure vulnerability in Samsung Account prior to version 12.1.1.3 allows physically proximate attackers to access user information via log.

3.9CVSS

4.2AI Score

0.0004EPSS

2021-03-25 05:15 PM

cve

CVE-2021-25351

Improper Access Control in EmailValidationView in Samsung Account prior to version 10.7.0.7 and 12.1.1.3 allows physically proximate attackers to log out user account on device without user password.

3.2CVSS

4.1AI Score

0.001EPSS

2021-03-25 05:15 PM

cve

CVE-2021-25381

Using unsafe PendingIntent in Samsung Account in versions 10.8.0.4 in Android P(9.0) and below, and 12.1.1.3 in Android Q(10.0) and above allows local attackers to perform unauthorized action without permission via hijacking the PendingIntent.

7.8CVSS

7.2AI Score

0.0004EPSS

2021-04-09 06:15 PM

cve

CVE-2021-25403

Intent redirection vulnerability in Samsung Account prior to version 10.8.0.4 in Android P(9.0) and below, and 12.2.0.9 in Android Q(10.0) and above allows attacker to access contacts and file provider using SettingWebView component.

3.3CVSS

4.1AI Score

0.0004EPSS

2021-06-11 03:15 PM

cve

CVE-2022-25825

Improper access control vulnerability in Samsung Account prior to version 13.1.0.1 allows attackers to access to the authcode for sign-in.

6.2CVSS

5.5AI Score

0.0004EPSS

2022-03-10 05:47 PM

cve

CVE-2022-30732

Exposure of Sensitive Information vulnerability in Samsung Account prior to version 13.2.00.6 allows attacker to access sensitive information via onActivityResult.

7.5CVSS

7.2AI Score

0.001EPSS

2022-06-07 07:15 PM

cve

CVE-2022-30733

Sensitive information exposure in Sign-in log in Samsung Account prior to version 13.2.00.6 allows attackers to get an user email or phone number without permission.

5.3CVSS

5.1AI Score

0.001EPSS

2022-06-07 07:15 PM

cve

CVE-2022-30734

Sensitive information exposure in Sign-out log in Samsung Account prior to version 13.2.00.6 allows attackers to get an user email or phone number without permission.

5.3CVSS

5.1AI Score

0.001EPSS

2022-06-07 07:15 PM

cve

CVE-2022-30735

Improper privilege management vulnerability in Samsung Account prior to 13.2.00.6 allows attackers to get the access_token without permission.

7.5CVSS

7.5AI Score

0.001EPSS

2022-06-07 07:15 PM

cve

CVE-2022-30736

Improper privilege management vulnerability in Samsung Account prior to 13.2.00.6 allows attackers to get the data of contact and gallery without permission.

5.3CVSS

5.2AI Score

0.001EPSS

2022-06-07 07:15 PM

cve

CVE-2022-30737

Implicit Intent hijacking vulnerability in Samsung Account prior to version 13.2.00.6 allows attackers to get email ID.

5.3CVSS

5.2AI Score

0.001EPSS

2022-06-07 07:15 PM

cve

CVE-2022-30739

Improper privilege management vulnerability in Samsung Account prior to 13.2.00.6 allows attackers to get an user email or phone number with a normal level permission.

4.3CVSS

4.6AI Score

0.0005EPSS

2022-06-07 07:15 PM

cve

CVE-2022-30743

Improper privilege management vulnerability in Samsung Account prior to 13.2.00.6 allows attackers to get the data of contact and gallery without permission.

5.3CVSS

5.2AI Score

0.001EPSS

2022-06-07 07:15 PM

cve

CVE-2022-39863

Intent redirection vulnerability in Samsung Account prior to version 13.5.01.3 allows attackers to access content providers without permission.

4.7CVSS

4.7AI Score

0.001EPSS

2022-10-07 03:15 PM

cve

CVE-2022-39874

Sensitive log information leakage vulnerability in Samsung Account prior to version 13.5.0 allows attackers to unauthorized logout.

5.5CVSS

5.3AI Score

0.0004EPSS

2022-10-07 03:15 PM

cve

CVE-2022-39875

Improper component protection vulnerability in Samsung Account prior to version 13.5.0 allows attackers to unauthorized logout.

5.1CVSS

4.6AI Score

0.0004EPSS

2022-10-07 03:15 PM

cve

CVE-2023-42540

Improper access control vulnerability in Samsung Account prior to version 14.5.01.1 allows attackers to access sensitive information via implicit intent.

5.5CVSS

5.3AI Score

0.0004EPSS

2023-11-07 08:15 AM

cve

CVE-2023-42546

Use of implicit intent for sensitive communication vulnerability in startAgreeToDisclaimerActivity in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Account privilege.

6.5CVSS

6.5AI Score

0.0005EPSS

2023-11-07 08:15 AM

cve

CVE-2023-42547

Use of implicit intent for sensitive communication vulnerability in startEmailValidationActivity in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Account privilege.

6.5CVSS

6.5AI Score

0.0005EPSS

2023-11-07 08:15 AM

cve

CVE-2023-42548

Use of implicit intent for sensitive communication vulnerability in startMandatoryCheckActivity in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Account privilege.

6.5CVSS

6.5AI Score

0.0005EPSS

2023-11-07 08:15 AM

cve

CVE-2023-42549

Use of implicit intent for sensitive communication vulnerability in startNameValidationActivity in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Account privilege.

6.5CVSS

6.5AI Score

0.0005EPSS

2023-11-07 08:15 AM

cve

CVE-2023-42550

Use of implicit intent for sensitive communication vulnerability in startSignIn in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Account privilege.

6.5CVSS

6.5AI Score

0.0005EPSS

2023-11-07 08:15 AM

cve

CVE-2023-42551

Use of implicit intent for sensitive communication vulnerability in startTncActivity in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Account privilege.

6.5CVSS

6.5AI Score

0.0005EPSS

2023-11-07 08:15 AM