Samsung Mobile Devices Security Vulnerabilities
Improper authorization vulnerability in semAddPublicDnsAddr in WifiSevice prior to SMR Jan-2023 Release 1 allows attackers to set custom DNS server without permission via binding...
5.5CVSS
5.4AI Score
0.0004EPSS
Improper access control vulnerability in RCS call prior to SMR Dec-2022 Release 1 allows local attackers to access RCS incoming call...
3.3CVSS
4.2AI Score
0.0004EPSS
Improper handling of insufficient permissions vulnerability in setSecureFolderPolicy in PersonaManagerService prior to Android T(13) allows local attackers to set some setting value in Secure...
3.3CVSS
4.1AI Score
0.0004EPSS
Improper access control vulnerability in ContactListUtils in Phone prior to SMR Dec-2022 Release 1 allows to access contact group information via implicit...
3.3CVSS
4.2AI Score
0.0004EPSS
Improper access control vulnerability in ContactListStartActivityHelper in Phone prior to SMR Dec-2022 Release 1 allows to access sensitive information via implicit...
3.3CVSS
4.1AI Score
0.0004EPSS
Exposure of Sensitive Information vulnerability in kernel prior to SMR Dec-2022 Release 1 allows attackers to access the kernel address information via...
5.5CVSS
5.3AI Score
0.0004EPSS
Improper authentication in Exynos baseband prior to SMR DEC-2022 Release 1 allows remote attacker to disable the network traffic encryption between UE and...
6.5CVSS
6.6AI Score
0.001EPSS
Exposure of Sensitive Information from an Unauthorized Actor vulnerability in Samsung DisplayManagerService prior to Android T(13) allows local attacker to access connected DLNA device...
3.3CVSS
4AI Score
0.0004EPSS
Integer overflow vulnerability in Samsung decoding library for video thumbnails prior to SMR Dec-2022 Release 1 allows local attacker to perform Out-Of-Bounds...
7.8CVSS
7.5AI Score
0.0004EPSS
Improper authorization in Exynos baseband prior to SMR DEC-2022 Release 1 allows remote attacker to get sensitive information including IMEI via emergency...
7.5CVSS
7.4AI Score
0.001EPSS
Improper access control vulnerability in SecTelephonyProvider prior to SMR Dec-2022 Release 1 allows attackers to access message...
3.3CVSS
4.3AI Score
0.0004EPSS
Implicit intent hijacking vulnerability in Telecom application prior to SMR Dec-2022 Release 1 allows attacker to access sensitive information via implicit...
5.5CVSS
5.3AI Score
0.0004EPSS
Improper access control vulnerabilities in Contacts prior to SMR Dec-2022 Release 1 allows to access sensitive information via implicit...
3.3CVSS
4.3AI Score
0.0004EPSS
Improper authentication vulnerability in Samsung WindowManagerService prior to SMR Dec-2022 Release 1 allows attacker to send the input event using S Pen...
4.3CVSS
4.8AI Score
0.0004EPSS
Improper access control vulnerability in IIccPhoneBook prior to SMR Dec-2022 Release 1 allows attackers to access some information of...
3.3CVSS
4.2AI Score
0.0004EPSS
TOCTOU vulnerability in Samsung decoding library for video thumbnails prior to SMR Dec-2022 Release 1 allows local attacker to perform Out-Of-Bounds...
7.4CVSS
7.2AI Score
0.0005EPSS
Improper access control vulnerability in Nice Catch prior to SMR Dec-2022 Release 1 allows physical attackers to access contents of all toast generated in the application installed in Secure Folder through Nice...
4.6CVSS
4.6AI Score
0.0005EPSS
Exposure of Sensitive Information vulnerability in Samsung Settings prior to SMR Dec-2022 Release 1 allows local attackers to access the Network Access Identifier via...
3.3CVSS
4.2AI Score
0.0004EPSS
Exposure of Sensitive Information to an Unauthorized Actor in Persona Manager prior to Android T(13) allows local attacker to access user profiles...
3.3CVSS
4AI Score
0.0004EPSS
Improper authorization vulnerability in StorageManagerService prior to SMR Nov-2022 Release 1 allows local attacker to call privileged...
7.8CVSS
7.4AI Score
0.0004EPSS
Improper access control vulnerability in IpcRxServiceModeBigDataInfo in RIL prior to SMR Nov-2022 Release 1 allows local attacker to access Device...
3.3CVSS
4.1AI Score
0.0004EPSS
Improper input validation vulnerability in DualOutFocusViewer prior to SMR Nov-2022 Release 1 allows local attacker to perform an arbitrary code...
7.8CVSS
7.8AI Score
0.0004EPSS
Heap overflow vulnerability in sflacf_fal_bytes_peek function in libsmat.so library prior to SMR Nov-2022 Release 1 allows local attacker to execute arbitrary...
7.8CVSS
7.8AI Score
0.0004EPSS
Improper input validation vulnerability for processing SIB12 PDU in Exynos modems prior to SMR Sep-2022 Release allows remote attacker to read out of bounds...
9.1CVSS
9AI Score
0.002EPSS
Improper authorization vulnerability in?CallBGProvider prior to SMR Nov-2022 Release 1 allows local attacker to grant permission for accessing information with phone...
3.3CVSS
4AI Score
0.0004EPSS
Improper access control vulnerability in IImsService prior to SMR Nov-2022 Release 1 allows local attacker to access to Call...
3.3CVSS
4.1AI Score
0.0004EPSS
Improper access control vulnerability in BootCompletedReceiver_CMCC in DeviceManagement prior to SMR Nov-2022 Release 1 allows local attacker to access to Device...
3.3CVSS
4.1AI Score
0.0004EPSS
Improper access control vulnerability in clearAllGlobalProxy in MiscPolicy prior to SMR Nov-2022 Release 1 allows local attacker to configure EDM...
3.3CVSS
4.1AI Score
0.0004EPSS
Use after free vulnerability in set_nft_pid and signal_handler function of NFC driver prior to SMR Oct-2022 Release 1 allows attackers to perform malicious...
5.3CVSS
5.6AI Score
0.0004EPSS
Exposure of sensitive information in AT_Distributor prior to SMR Oct-2022 Release 1 allows local attacker to access SerialNo via...
3.3CVSS
3.9AI Score
0.0004EPSS
Improper access control in knox_vpn_policy service prior to SMR Oct-2022 Release 1 allows allows unauthorized read of configuration...
3.3CVSS
4.2AI Score
0.0004EPSS
Improper access control in mum_container_policy service prior to SMR Oct-2022 Release 1 allows allows unauthorized read of configuration...
3.3CVSS
4.2AI Score
0.0004EPSS
Improper access control vulnerability in CocktailBarService prior to SMR Oct-2022 Release 1 allows local attacker to bind service that require BIND_REMOTEVIEWS...
3.3CVSS
4.1AI Score
0.0004EPSS
A heap-based overflow vulnerability in makeContactAGIF in libagifencoder.quram.so library prior to SMR Oct-2022 Release 1 allows attacker to perform code...
7.8CVSS
7.8AI Score
0.0004EPSS
A use after free vulnerability in perf-mgr driver prior to SMR Oct-2022 Release 1 allows attacker to cause memory access...
7.8CVSS
7.6AI Score
0.0004EPSS
Improper protection in IOMMU prior to SMR Oct-2022 Release 1 allows unauthorized access to secure...
7.8CVSS
7.5AI Score
0.0004EPSS
Improper access control vulnerability in FACM application prior to SMR Oct-2022 Release 1 allows a local attacker to connect arbitrary AP and Bluetooth...
4.3CVSS
4.7AI Score
0.0004EPSS
Improper restriction of broadcasting Intent in MouseNKeyHidDevice prior to SMR Oct-2022 Release 1 leaks MAC address of the connected Bluetooth...
3.3CVSS
4.3AI Score
0.0004EPSS
Improper access control vulnerability in imsservice application prior to SMR Oct-2022 Release 1 allows local attackers to access call...
3.3CVSS
4.2AI Score
0.0004EPSS
Improper authorization in Dynamic Lockscreen prior to SMR Sep-2022 Release 1 in Android R(11) and 3.3.03.66 in Android S(12) allows unauthorized use of javascript interface...
9.8CVSS
9AI Score
0.001EPSS
A heap-based overflow vulnerability in MHW_RECOG_LIB_INFO function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access...
7.8CVSS
7.6AI Score
0.0004EPSS
Use after free vulnerability in mtp_send_signal function of MTP driver prior to SMR Sep-2022 Release 1 allows attackers to perform malicious...
7.8CVSS
7.8AI Score
0.0004EPSS
Intent redirection in Photo Editor prior to SMR Sep-2022 Release 1 allows attacker to get sensitive...
7.5CVSS
7.4AI Score
0.001EPSS
Improper Authorization vulnerability in Video Editor prior to SMR Sep-2022 Release 1 allows local attacker to access internal application...
3.3CVSS
4.1AI Score
0.0004EPSS
Improper access control vulnerability in Telecom application prior to SMR Sep-2022 Release 1 allows attacker to start emergency calls via undefined...
3.3CVSS
4.3AI Score
0.0004EPSS
Improper Authorization vulnerability in Photo Editor prior to SMR Sep-2022 Release 1 allows physical attackers to read internal application...
2.4CVSS
3.8AI Score
0.0004EPSS
A heap-based overflow vulnerability in prepareRecogLibrary function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access...
7.8CVSS
7.6AI Score
0.0004EPSS
A heap-based overflow vulnerability in HWR::EngJudgeModel::Construct() in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access...
7.8CVSS
7.6AI Score
0.0004EPSS
A heap-based overflow vulnerability in ConstructDictionary function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access...
7.8CVSS
7.6AI Score
0.0004EPSS
Out of bound read in libapexjni.media.samsung.so prior to SMR Sep-2022 Release 1 allows attacker access unauthorized...
5.5CVSS
5.4AI Score
0.0004EPSS