Shodan
Vulnerabilities
Vulnerable Software
Samsung:  Security Vulnerabilities
CVE-2022-39864
Improper access control vulnerability in WifiSetupLaunchHelper in SmartThings prior to version 1.7.89.25 allows attackers to access sensitive information via implicit intent.
CVSS Score
3.3
EPSS Score
0.002
Published
2022-10-07
CVE-2022-39865
Improper access control vulnerability in ContentsSharingActivity.java SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via implicit broadcast.
CVSS Score
4.0
EPSS Score
0.002
Published
2022-10-07
CVE-2022-39866
Improper access control vulnerability in RegisteredEventMediator.kt SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via implicit broadcast.
CVSS Score
4.0
EPSS Score
0.002
Published
2022-10-07
CVE-2022-39857
Improper access control vulnerability in CameraTestActivity in FactoryCameraFB prior to version 3.5.51 allows attackers to access broadcasting Intent as system uid privilege.
CVSS Score
7.3
EPSS Score
0.001
Published
2022-10-07
CVE-2022-39858
Path traversal vulnerability in AtBroadcastReceiver in FactoryCamera prior to version 3.5.51 allows attackers to write arbitrary file as FactoryCamera privilege.
CVSS Score
7.3
EPSS Score
0.001
Published
2022-10-07
CVE-2022-39859
Implicit intent hijacking vulnerability in UPHelper library prior to version 3.0.12 allows attackers to access sensitive information via implicit intent.
CVSS Score
4.0
EPSS Score
0.001
Published
2022-10-07
CVE-2022-39854
Improper protection in IOMMU prior to SMR Oct-2022 Release 1 allows unauthorized access to secure memory.
CVSS Score
6.4
EPSS Score
0.0
Published
2022-10-07
CVE-2022-40278
An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PRE). createDB in security/provisioning/src/provisioningdatabasemanager.c has a missing sqlite3_free after sqlite3_exec, leading to a denial of service.
CVSS Score
7.5
EPSS Score
0.008
Published
2022-09-29
CVE-2022-40279
An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PRE). l2_packet_receive_timeout in wpa_supplicant/src/l2_packet/l2_packet_pcap.c has a missing check on the return value of pcap_dispatch, leading to a denial of service (malfunction).
CVSS Score
7.5
EPSS Score
0.007
Published
2022-09-29
CVE-2022-40757
A Buffer Access with Incorrect Length Value vulnerablity in the TEE_MACComputeFinal function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_MACComputeFinal with an excessive size value of messageLen.
CVSS Score
7.5
EPSS Score
0.004
Published
2022-09-16


Products
Pricing
Contact Us

Shodan ® - All rights reserved