8 matches found
CVE-2022-24932
The CVE-2022-24932 entry concerns Samsung Setup wizard: an Improper Protection of Alternate Path vulnerability in the Setup wizard process allows a physical attacker to install packages before the wizard completes. Affected versions are Setup wizard versions prior to SMR Mar-2022 Release 1. The u...
CVE-2022-33713
CVE-2022-33713 is an implicit intent hijacking vulnerability in Samsung Cloud. The affected component is Samsung Cloud prior to version 5.2.0, where an attacker could obtain sensitive information due to improper handling of intents. Public descriptions in the provided documents identify the issue...
CVE-2023-21448
CVE-2023-21448 describes a path-traversal vulnerability in Samsung Cloud prior to version 5.3.0.32. The issue allows a local attacker to access specific PNG files due to improper validation of file paths in the affected Samsung Cloud component. Impact is limited to confidentiality (LOW) and local...
CVE-2023-21447
CVE-2023-21447 affects Samsung Cloud prior to version 5.3.0.32. The issue is an Improper Access Control that enables a local attacker to access information with Samsung Cloud’s privilege via implicit intent. The documented impact is information disclosure (confidentiality). Remediation: upgrade t...
CVE-2024-20851
CVE-2024-20851 describes an improper access-control vulnerability in Samsung Data Store prior to version 5.3.00.4 . The issue allows local attackers to launch arbitrary activities with the Samsung Data Store privilege due to inadequate access controls on the component/file/behavior identified in ...
CVE-2021-25368
The vulnerability CVE-2021-25368 affects Samsung Cloud prior to version 4.7.0.3. Affected component: Samsung Cloud application; issue described as a hijacking vulnerability that allows an attacker to intercept during the provider’s execution. Root cause details are not provided in the connected d...
CVE-2023-42578
CVE-2023-42578 affects Samsung Data Store prior to version 5.2.00.7. The issue is described as improper handling of insufficient permissions or privileges, allowing remote attackers to access location information without permission. Multiple sources in the connected set corroborate this vulnerabi...
CVE-2026-20975
CVE-2026-20975 affects Samsung Cloud prior to version 5.6.11. The vulnerability arises from improper handling of insufficient permissions, enabling local attackers to access specific files in arbitrary paths. Evidence across multiple feeds confirms the affected software and impact; exploitation s...