CVSS: 4.0EPSS: 0%CPEs: 3EXPL: 0CVE-2022-33694
https://notcve.org/view.php?id=CVE-2022-33694
11 Jul 2022 — Exposure of Sensitive Information in CSC application prior to SMR Jul-2022 Release 1 allows local attacker to access wifi information via unprotected intent broadcasting. Una exposición de información confidencial en CSC application versiones anteriores a SMR Jul-2022 Release 1, permite que un atacante local acceda a la información de wifi por medio de la difusión de intentos no protegidos • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=7 • CWE-213: Exposure of Sensitive Information Due to Incompatible Policies CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 2.3EPSS: 0%CPEs: 3EXPL: 0CVE-2022-33693
https://notcve.org/view.php?id=CVE-2022-33693
11 Jul 2022 — Exposure of Sensitive Information in CID Manager prior to SMR Jul-2022 Release 1 allows local attacker to access iccid via log. Una exposición de información confidencial en CID Manager versiones anteriores a SMR Jul-2022 Release 1, permite a un atacante local acceder a iccid por medio del registro • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=7 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 4.0EPSS: 0%CPEs: 2EXPL: 0CVE-2022-33692
https://notcve.org/view.php?id=CVE-2022-33692
11 Jul 2022 — Exposure of Sensitive Information in Messaging application prior to SMR Jul-2022 Release 1 allows local attacker to access imsi and iccid via log. Una exposición de información confidencial en Messaging application versiones anteriores a SMR Jul-2022 Release 1, permite a un atacante local acceder a imsi e iccid por medio del registro • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=7 • CWE-213: Exposure of Sensitive Information Due to Incompatible Policies CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 6.2EPSS: 0%CPEs: 4EXPL: 0CVE-2022-33691
https://notcve.org/view.php?id=CVE-2022-33691
11 Jul 2022 — A possible race condition vulnerability in score driver prior to SMR Jul-2022 Release 1 can allow local attackers to interleave malicious operations. Una posible vulnerabilidad de condición de carrera en score driver versiones anteriores a SMR Jul-2022 Release 1, puede permitir a atacantes locales intercalar operaciones maliciosas • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=7 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-33690
https://notcve.org/view.php?id=CVE-2022-33690
11 Jul 2022 — Improper input validation in Contacts Storage prior to SMR Jul-2022 Release 1 allows attacker to access arbitrary file. Una comprobación de entrada inapropiada en Contacts Storage versiones anteriores a SMR Jul-2022 Release 1, permite a un atacante acceder a un archivo arbitrario • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=7 • CWE-20: Improper Input Validation CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.2EPSS: 0%CPEs: 3EXPL: 0CVE-2022-33689
https://notcve.org/view.php?id=CVE-2022-33689
11 Jul 2022 — Improper access control vulnerability in TelephonyUI prior to SMR Jul-2022 Release 1 allows attackers to change preferred network type by unprotected binder call. Una vulnerabilidad de control de acceso inapropiado en TelephonyUI versiones anteriores a SMR Jul-2022 Release 1, permite a atacantes cambiar el tipo de red preferido mediante una llamada de enlace no protegida • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=7 • CWE-287: Improper Authentication •
CVSS: 3.3EPSS: 0%CPEs: 3EXPL: 0CVE-2022-33688
https://notcve.org/view.php?id=CVE-2022-33688
11 Jul 2022 — Sensitive information exposure vulnerability in EventType in SecTelephonyProvider prior to SMR Jul-2022 Release 1 allows local attackers with log access permission to get IMSI through device log. La vulnerabilidad de exposición de información confidencial en EventType en SecTelephonyProvider versiones anteriores a SMR Jul-2022 Release 1, permite a atacantes locales con permiso de acceso al registro conseguir IMSI mediante el registro del dispositivo • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=7 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 3.3EPSS: 0%CPEs: 3EXPL: 0CVE-2022-33687
https://notcve.org/view.php?id=CVE-2022-33687
11 Jul 2022 — Exposure of Sensitive Information in telephony-common.jar prior to SMR Jul-2022 Release 1 allows local attackers to access IMSI via log. Una exposición de información confidencial en telephony-common.jar versiones anteriores a SMR Jul-2022 Release 1, permite a atacantes locales acceder a la IMSI por medio del registro • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=7 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 2.3EPSS: 0%CPEs: 3EXPL: 0CVE-2022-33686
https://notcve.org/view.php?id=CVE-2022-33686
11 Jul 2022 — Exposure of Sensitive Information in GsmAlarmManager prior to SMR Jul-2022 Release 1 allows local attacker to access iccid via log. Una exposición de información confidencial en GsmAlarmManager versiones anteriores a SMR Jul-2022 Release 1, permite a atacantes locales acceder a iccid por medio del registro • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=7 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-552: Files or Directories Accessible to External Parties •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-33685
https://notcve.org/view.php?id=CVE-2022-33685
11 Jul 2022 — Unprotected dynamic receiver in Wearable Manager Service prior to SMR Jul-2022 Release 1 allows attacker to launch arbitray activity and access senstive information. Un receptor dinámico desprotegido en el servicio Wearable Manager versiones anteriores a SMR Jul-2022 Release 1, permite a un atacante iniciar una actividad arbitraria y acceder a información confidencial • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=7 • CWE-561: Dead Code •