CVE-2022-33734

Sensitive information exposure in onCharacteristicChanged in Charm by Samsung prior to version 1.2.3 allows attacker to get bluetooth connection information without permission...

CVE-2022-36829

PendingIntent hijacking vulnerability in releaseAlarm in Charm by Samsung prior to version 1.2.3 allows local attackers to access files without permission via implicit intent...

PT-2022-23633 · Samsung · Charm

Name of the Vulnerable Software and Affected Versions: Charm by Samsung versions prior to 1.2.3 Description: The issue allows local attackers to access files without permission via implicit intent, exploiting a PendingIntent hijacking vulnerability in the releaseAlarm function. Recommendations: F...

PT-2022-21850 · Samsung · Charm

Name of the Vulnerable Software and Affected Versions: Charm by Samsung versions prior to 1.2.3 Description: The issue allows an attacker to expose sensitive information, specifically bluetooth connection information, without permission through the onCharacteristicRead function. Recommendations:...