CVSS: 8.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-33704
https://notcve.org/view.php?id=CVE-2022-33704
11 Jul 2022 — Improper validation vulnerability in ucmRetParcelable of KnoxSDK prior to SMR Jul-2022 Release 1 allows attackers to launch certain activities. Una vulnerabilidad de comprobación inapropiada en ucmRetParcelable de KnoxSDK versiones anteriores a SMR Jul-2022 Release 1, permite a atacantes lanzar determinadas actividades • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=7 • CWE-20: Improper Input Validation •
CVSS: 8.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-33703
https://notcve.org/view.php?id=CVE-2022-33703
11 Jul 2022 — Improper validation vulnerability in CACertificateInfo prior to SMR Jul-2022 Release 1 allows attackers to launch certain activities. Una vulnerabilidad de comprobación inapropiada en CACertificateInfo versiones anteriores a SMR Jul-2022 Release 1, permite a atacantes iniciar determinadas actividades • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=7 • CWE-20: Improper Input Validation •
CVSS: 6.2EPSS: 0%CPEs: 3EXPL: 0CVE-2022-33702
https://notcve.org/view.php?id=CVE-2022-33702
11 Jul 2022 — Improper authorization vulnerability in Knoxguard prior to SMR Jul-2022 Release 1 allows local attacker to disable keyguard and bypass Knoxguard lock by factory reset. Una vulnerabilidad de autorización inapropiada en Knoxguard versiones anteriores a SMR Jul-2022 Release 1, permite a un atacante local deshabilitar keyguard y omitir el bloqueo de Knoxguard mediante un restablecimiento de fábrica • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=7 • CWE-285: Improper Authorization •
CVSS: 3.3EPSS: 0%CPEs: 3EXPL: 0CVE-2022-33701
https://notcve.org/view.php?id=CVE-2022-33701
11 Jul 2022 — Improper access control vulnerability in KnoxCustomManagerService prior to SMR Jul-2022 Release 1 allows attacker to call PowerManaer.goToSleep method which is protected by system permission by sending braodcast intent. Una vulnerabilidad de control de acceso inapropiado en KnoxCustomManagerService versiones anteriores a SMR Jul-2022 Release 1, permite al atacante llamar al método PowerManaer.goToSleep que está protegido por el permiso del sistema mediante el envío de braodcast intent • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=7 • CWE-284: Improper Access Control •
CVSS: 2.3EPSS: 0%CPEs: 3EXPL: 0CVE-2022-33700
https://notcve.org/view.php?id=CVE-2022-33700
11 Jul 2022 — Exposure of Sensitive Information in putDsaSimImsi in TelephonyUI prior to SMR Jul-2022 Release 1 allows local attacker to access imsi via log. Una exposición de información confidencial en putDsaSimImsi en TelephonyUI versiones anteriores a SMR Jul-2022 Release 1, permite a un atacante local acceder a imsi por medio del registro • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=7 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 2.3EPSS: 0%CPEs: 3EXPL: 0CVE-2022-33699
https://notcve.org/view.php?id=CVE-2022-33699
11 Jul 2022 — Exposure of Sensitive Information in getDsaSimImsi in TelephonyUI prior to SMR Jul-2022 Release 1 allows local attacker to access imsi via log. Una exposición de información confidencial en getDsaSimImsi en TelephonyUI versiones anteriores a SMR Jul-2022 Release 1, permite a un atacante local acceder a imsi por medio del registro • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=7 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 3.3EPSS: 0%CPEs: 3EXPL: 0CVE-2022-33698
https://notcve.org/view.php?id=CVE-2022-33698
11 Jul 2022 — Exposure of Sensitive Information in Telecom application prior to SMR Jul-2022 Release 1 allows local attackers to access ICCID via log. Una exposición de información confidencial en la aplicación Telecom versiones anteriores a SMR Jul-2022 Release 1, permite a atacantes locales acceder al ICCID por medio del registro • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=7 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 3.3EPSS: 0%CPEs: 3EXPL: 0CVE-2022-33697
https://notcve.org/view.php?id=CVE-2022-33697
11 Jul 2022 — Sensitive information exposure vulnerability in ImsServiceSwitchBase in ImsCore prior to SMR Jul-2022 Release 1 allows local attackers with log access permission to get IMSI through device log. Una vulnerabilidad de exposición de información confidencial en ImsServiceSwitchBase en ImsCore versiones anteriores a SMR Jul-2022 Release 1, permite a atacantes locales con permiso de acceso al registro conseguir el IMSI mediante el registro del dispositivo • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=7 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-33696
https://notcve.org/view.php?id=CVE-2022-33696
11 Jul 2022 — Exposure of Sensitive Information in Telephony service prior to SMR Jul-2022 Release 1 allows local attacker to access imsi and iccid via log. Una exposición de información confidencial en Telephony service versiones anteriores a SMR Jul-2022 Release 1, permite a un atacante local acceder a imsi e iccid por medio del registro • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=7 • CWE-213: Exposure of Sensitive Information Due to Incompatible Policies CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-33695
https://notcve.org/view.php?id=CVE-2022-33695
11 Jul 2022 — Use of improper permission in InputManagerService prior to SMR Jul-2022 Release 1 allows unauthorized access to the service. El uso de un permiso inapropiado en InputManagerService versiones anteriores a SMR Jul-2022 Release 1, permite el acceso no autorizado al servicio • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=7 • CWE-732: Incorrect Permission Assignment for Critical Resource •