CVSS: 4.0EPSS: 0%CPEs: 3EXPL: 0CVE-2022-33694
https://notcve.org/view.php?id=CVE-2022-33694
Exposure of Sensitive Information in CSC application prior to SMR Jul-2022 Release 1 allows local attacker to access wifi information via unprotected intent broadcasting. Una exposición de información confidencial en CSC application versiones anteriores a SMR Jul-2022 Release 1, permite que un atacante local acceda a la información de wifi por medio de la difusión de intentos no protegidos • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=7 • CWE-213: Exposure of Sensitive Information Due to Incompatible Policies CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 2.3EPSS: 0%CPEs: 3EXPL: 0CVE-2022-33693
https://notcve.org/view.php?id=CVE-2022-33693
Exposure of Sensitive Information in CID Manager prior to SMR Jul-2022 Release 1 allows local attacker to access iccid via log. Una exposición de información confidencial en CID Manager versiones anteriores a SMR Jul-2022 Release 1, permite a un atacante local acceder a iccid por medio del registro • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=7 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 6.2EPSS: 0%CPEs: 4EXPL: 0CVE-2022-33691
https://notcve.org/view.php?id=CVE-2022-33691
A possible race condition vulnerability in score driver prior to SMR Jul-2022 Release 1 can allow local attackers to interleave malicious operations. Una posible vulnerabilidad de condición de carrera en score driver versiones anteriores a SMR Jul-2022 Release 1, puede permitir a atacantes locales intercalar operaciones maliciosas • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=7 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 6.2EPSS: 0%CPEs: 3EXPL: 0CVE-2022-33689
https://notcve.org/view.php?id=CVE-2022-33689
Improper access control vulnerability in TelephonyUI prior to SMR Jul-2022 Release 1 allows attackers to change preferred network type by unprotected binder call. Una vulnerabilidad de control de acceso inapropiado en TelephonyUI versiones anteriores a SMR Jul-2022 Release 1, permite a atacantes cambiar el tipo de red preferido mediante una llamada de enlace no protegida • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=7 • CWE-287: Improper Authentication •
CVSS: 3.3EPSS: 0%CPEs: 3EXPL: 0CVE-2022-33688
https://notcve.org/view.php?id=CVE-2022-33688
Sensitive information exposure vulnerability in EventType in SecTelephonyProvider prior to SMR Jul-2022 Release 1 allows local attackers with log access permission to get IMSI through device log. La vulnerabilidad de exposición de información confidencial en EventType en SecTelephonyProvider versiones anteriores a SMR Jul-2022 Release 1, permite a atacantes locales con permiso de acceso al registro conseguir IMSI mediante el registro del dispositivo • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=7 • CWE-532: Insertion of Sensitive Information into Log File •