CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-39870

Improper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via PUSH_MESSAGE_RECEIVED broadcast.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 35.1%

CVSS Severity

CVSS v3 Score 4.0

References

https://security.samsungmobile.com/serviceWeb.smsb?year=2022&month=10
https://security.samsungmobile.com/serviceWeb.smsb?year=2022&month=10

Products affected by CVE-2022-39870

Samsung » Smartthings » Version: N/A

cpe:2.3:a:samsung:smartthings:-
Samsung » Smartthings » Version: 1.7.73.22

cpe:2.3:a:samsung:smartthings:1.7.73.22
Samsung » Smartthings » Version: 1.7.85.12

cpe:2.3:a:samsung:smartthings:1.7.85.12
Samsung » Smartthings » Version: 1.7.85.25

cpe:2.3:a:samsung:smartthings:1.7.85.25

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-39870

Products

Pricing

Contact Us