CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-28791

Improper input validation vulnerability in InstallAgent in Galaxy Store prior to version 4.5.41.8 allows attacker to overwrite files stored in a specific path. The patch adds proper protection to prevent overwrite to existing files.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 25.1%

CVSS Severity

CVSS v3 Score 6.2

CVSS v2 Score 2.1

References

https://security.samsungmobile.com/serviceWeb.smsb?year=2022&month=5
https://security.samsungmobile.com/serviceWeb.smsb?year=2022&month=5

Products affected by CVE-2022-28791

Samsung » Galaxy Store » Version: N/A

cpe:2.3:a:samsung:galaxy_store:-
Samsung » Galaxy Store » Version: 4.5.32.4

cpe:2.3:a:samsung:galaxy_store:4.5.32.4
Samsung » Galaxy Store » Version: 4.5.36.4

cpe:2.3:a:samsung:galaxy_store:4.5.36.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-28791

Products

Pricing

Contact Us