Shodan
Vulnerabilities
Vulnerable Software
Samsung:  Security Vulnerabilities
CVE-2023-21433
Improper access control vulnerability in Galaxy Store prior to version 4.5.49.8 allows local attackers to install applications from Galaxy Store.
CVSS Score
7.8
EPSS Score
0.026
Published
2023-02-09
CVE-2023-21434
Improper input validation vulnerability in Galaxy Store prior to version 4.5.49.8 allows local attackers to execute JavaScript by launching a web page.
CVSS Score
6.2
EPSS Score
0.105
Published
2023-02-09
CVE-2023-21435
Exposure of Sensitive Information vulnerability in Fingerprint TA prior to SMR Feb-2023 Release 1 allows attackers to access the memory address information via log.
CVSS Score
4.4
EPSS Score
0.001
Published
2023-02-09
CVE-2023-21420
Use of Externally-Controlled Format String vulnerabilities in STST TA prior to SMR Jan-2023 Release 1 allows arbitrary code execution.
CVSS Score
7.3
EPSS Score
0.001
Published
2023-02-09
CVE-2023-21421
Improper Handling of Insufficient Permissions or Privileges vulnerability in KnoxCustomManagerService prior to SMR Jan-2023 Release 1 allows attacker to access device SIM PIN.
CVSS Score
5.9
EPSS Score
0.0
Published
2023-02-09
CVE-2023-21422
Improper authorization vulnerability in semAddPublicDnsAddr in WifiSevice prior to SMR Jan-2023 Release 1 allows attackers to set custom DNS server without permission via binding WifiService.
CVSS Score
5.7
EPSS Score
0.0
Published
2023-02-09
CVE-2022-44636
The Samsung TV (2021 and 2022 model) smart remote control allows attackers to enable microphone access via Bluetooth spoofing when a user is activating remote control by pressing a button. This is fixed in xxx72510, E9172511 for 2021 models, xxxA1000, 4x2A0200 for 2022 models.
CVSS Score
4.6
EPSS Score
0.001
Published
2022-12-13
CVE-2022-39915
Improper access control vulnerability in Calendar prior to versions 11.6.08.0 in Android Q(10), 12.2.11.3000 in Android R(11), 12.3.07.2000 in Android S(12), and 12.4.02.0 in Android T(13) allows attackers to access sensitive information via implicit intent.
CVSS Score
3.3
EPSS Score
0.001
Published
2022-12-08
CVE-2022-39901
Improper authentication in Exynos baseband prior to SMR DEC-2022 Release 1 allows remote attacker to disable the network traffic encryption between UE and gNodeB.
CVSS Score
6.5
EPSS Score
0.002
Published
2022-12-08
CVE-2022-39902
Improper authorization in Exynos baseband prior to SMR DEC-2022 Release 1 allows remote attacker to get sensitive information including IMEI via emergency call.
CVSS Score
6.5
EPSS Score
0.003
Published
2022-12-08


Products
Pricing
Contact Us

Shodan ® - All rights reserved