CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2022-33731
https://notcve.org/view.php?id=CVE-2022-33731
05 Aug 2022 — Improper access control vulnerability in DesktopSystemUI prior to SMR Aug-2022 Release 1 allows attackers to enable and disable arbitrary components. Una vulnerabilidad de control de acceso inapropiado en DesktopSystemUI versiones anteriores a SMR Aug-2022 Release 1, permite a atacantes activar y desactivar componentes arbitrarios • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=08 • CWE-284: Improper Access Control •
CVSS: 6.2EPSS: 0%CPEs: 3EXPL: 0CVE-2022-33714
https://notcve.org/view.php?id=CVE-2022-33714
05 Aug 2022 — Improper access control vulnerability in SemWifiApBroadcastReceiver prior to SMR Aug-2022 Release 1 allows attacker to reset a setting value related to mobile hotspot. Una vulnerabilidad de control de acceso inapropiada en SemWifiApBroadcastReceiver versiones anteriores a SMR Aug-2022 Release 1, permite a un atacante restablecer un valor de configuración relacionado con el punto de acceso móvil • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=08 • CWE-284: Improper Access Control •
CVSS: 6.2EPSS: 0%CPEs: 3EXPL: 0CVE-2022-33718
https://notcve.org/view.php?id=CVE-2022-33718
05 Aug 2022 — An improper access control vulnerability in Wi-Fi Service prior to SMR AUG-2022 Release 1 allows untrusted applications to manipulate the list of apps that can use mobile data. Una vulnerabilidad de control de acceso inapropiada en Wi-Fi Service versiones anteriores a SMR Aug-2022 Release 1, permite a aplicaciones no confiables manipular la lista de aplicaciones que pueden usar los datos móviles • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=08 • CWE-863: Incorrect Authorization •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-33715
https://notcve.org/view.php?id=CVE-2022-33715
05 Aug 2022 — Improper access control and path traversal vulnerability in LauncherProvider prior to SMR Aug-2022 Release 1 allow local attacker to access files of One UI. Un control de acceso inapropiado y una vulnerabilidad de salto de ruta en LauncherProvider versiones anteriores a SMR Aug-2022 Release 1, permiten a un atacante local acceder a archivos de One UI • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=08 • CWE-20: Improper Input Validation CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 4.4EPSS: 0%CPEs: 2EXPL: 0CVE-2022-33717
https://notcve.org/view.php?id=CVE-2022-33717
05 Aug 2022 — A missing input validation before memory read in SEM TA prior to SMR Aug-2022 Release 1 allows local attackers to read out of bound memory. Una ausencia de comprobación de entrada anteriores a lectura de memoria en SEM TA versiones anteriores a SMR Aug-2022 Release 1, permite a atacantes locales leer memoria no inicializada • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=08 • CWE-125: Out-of-bounds Read •
CVSS: 4.4EPSS: 0%CPEs: 2EXPL: 0CVE-2022-33716
https://notcve.org/view.php?id=CVE-2022-33716
05 Aug 2022 — An absence of variable initialization in ICCC TA prior to SMR Aug-2022 Release 1 allows local attacker to read uninitialized memory. Una ausencia de inicialización de variables en ICCC TA versiones anteriores a SMR Aug-2022 Release 1, permite a atacantes locales leer memoria no inicializada • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=08 • CWE-457: Use of Uninitialized Variable CWE-908: Use of Uninitialized Resource •
CVSS: 4.0EPSS: 0%CPEs: 3EXPL: 0CVE-2022-33728
https://notcve.org/view.php?id=CVE-2022-33728
05 Aug 2022 — Exposure of sensitive information in Bluetooth prior to SMR Aug-2022 Release 1 allows local attackers to access connected BT macAddress via Settings.Gloabal. Una exposición de información confidencial en Bluetooth versiones anteriores a SMR Aug-2022 Release 1, permite a atacantes locales acceder a la dirección MAC del BT conectado por medio de Settings.Gloabal • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=08 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.9EPSS: 0%CPEs: 3EXPL: 0CVE-2022-33729
https://notcve.org/view.php?id=CVE-2022-33729
05 Aug 2022 — Improper restriction of broadcasting Intent in ConfirmConnectActivity of?NFC prior to SMR Aug-2022 Release 1 leaks MAC address of the connected Bluetooth device. Una restricción inapropiada de la intención de transmisión en ConfirmConnectActivity de NFC versiones anteriores a SMR Aug-2022 Release 1, filtra la dirección MAC del dispositivo Bluetooth conectado • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=08 • CWE-20: Improper Input Validation •
CVSS: 6.4EPSS: 0%CPEs: 3EXPL: 0CVE-2022-33727
https://notcve.org/view.php?id=CVE-2022-33727
05 Aug 2022 — A vulnerable code in onCreate of SecDevicePickerDialog prior to SMR Aug-2022 Release 1, allows attackers to trick the user to select an unwanted bluetooth device via tapjacking/overlay attack. Un código vulnerable en onCreate de SecDevicePickerDialog versiones anteriores a SMR Aug-2022 Release 1, permite a atacantes engañar al usuario para que seleccione un dispositivo bluetooth no deseado por medio de un ataque de tapjacking/overlay • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=08 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVSS: 6.4EPSS: 0%CPEs: 3EXPL: 0CVE-2022-33723
https://notcve.org/view.php?id=CVE-2022-33723
05 Aug 2022 — A vulnerable code in onCreate of BluetoothScanDialog prior to SMR Aug-2022 Release 1, allows attackers to trick the user to select an unwanted bluetooth device via tapjacking/overlay attack. Un código vulnerable en onCreate de BluetoothScanDialog versiones anteriores a SMR Aug-2022 Release 1, permite a atacantes engañar al usuario para que seleccione un dispositivo bluetooth no deseado por medio de un ataque de tapjacking/overlay • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=08 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •