Samsung: >> Members Security Vulnerabilities
An improper authorization vulnerability in Samsung Members "samsungrewards" scheme for deeplink in versions 2.4.83.9 in Android O(8.1) and below, and 3.9.00.9 in Android P(9.0) and above allows remote attackers to access a user data related with Samsung Account.
CVSS Score
8.6
EPSS Score
0.076
Published
2021-04-09
Calling of non-existent provider in SMP sdk prior to version 3.0.9 allows unauthorized actions including denial of service attack by hijacking the provider.
CVSS Score
4.0
EPSS Score
0.001
Published
2021-03-04
Calling of non-existent provider in Samsung Members prior to version 2.4.81.13 (in Android O(8.1) and below) and 3.8.00.13 (in Android P(9.0) and above) allows unauthorized actions including denial of service attack by hijacking the provider.
CVSS Score
4.0
EPSS Score
0.001
Published
2021-03-04
Page 2