CVSS: 3.3EPSS: 0%CPEs: 3EXPL: 0CVE-2022-33726
https://notcve.org/view.php?id=CVE-2022-33726
Unprotected dynamic receiver in Samsung Galaxy Friends prior to SMR Aug-2022 Release 1 allows attacker to launch activity. Un receptor dinámico desprotegido en Samsung Galaxy Friends versiones anteriores a SMR Aug-2022 Release 1, permite a un atacante lanzar una actividad • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=08 • CWE-561: Dead Code •
CVSS: 6.2EPSS: 0%CPEs: 3EXPL: 0CVE-2022-33714
https://notcve.org/view.php?id=CVE-2022-33714
Improper access control vulnerability in SemWifiApBroadcastReceiver prior to SMR Aug-2022 Release 1 allows attacker to reset a setting value related to mobile hotspot. Una vulnerabilidad de control de acceso inapropiada en SemWifiApBroadcastReceiver versiones anteriores a SMR Aug-2022 Release 1, permite a un atacante restablecer un valor de configuración relacionado con el punto de acceso móvil • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=08 • CWE-284: Improper Access Control •
CVSS: 6.2EPSS: 0%CPEs: 3EXPL: 0CVE-2022-33718
https://notcve.org/view.php?id=CVE-2022-33718
An improper access control vulnerability in Wi-Fi Service prior to SMR AUG-2022 Release 1 allows untrusted applications to manipulate the list of apps that can use mobile data. Una vulnerabilidad de control de acceso inapropiada en Wi-Fi Service versiones anteriores a SMR Aug-2022 Release 1, permite a aplicaciones no confiables manipular la lista de aplicaciones que pueden usar los datos móviles • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=08 • CWE-863: Incorrect Authorization •
CVSS: 4.0EPSS: 0%CPEs: 2EXPL: 0CVE-2022-33725
https://notcve.org/view.php?id=CVE-2022-33725
A vulnerability using PendingIntent in Knox VPN prior to SMR Aug-2022 Release 1 allows attackers to access content providers with system privilege. Una vulnerabilidad usando PendingIntent en Knox VPN versiones anteriores a SMR Aug-2022 Release 1, permite a atacantes acceder a los proveedores de contenido con privilegio del sistema • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=08 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 4.0EPSS: 0%CPEs: 3EXPL: 0CVE-2022-33728
https://notcve.org/view.php?id=CVE-2022-33728
Exposure of sensitive information in Bluetooth prior to SMR Aug-2022 Release 1 allows local attackers to access connected BT macAddress via Settings.Gloabal. Una exposición de información confidencial en Bluetooth versiones anteriores a SMR Aug-2022 Release 1, permite a atacantes locales acceder a la dirección MAC del BT conectado por medio de Settings.Gloabal • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=08 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •