CVSS: 8.0EPSS: 0%CPEs: 3EXPL: 0CVE-2022-39882
https://notcve.org/view.php?id=CVE-2022-39882
Heap overflow vulnerability in sflacf_fal_bytes_peek function in libsmat.so library prior to SMR Nov-2022 Release 1 allows local attacker to execute arbitrary code. Vulnerabilidad de desbordamiento de montón en la función sflacf_fal_bytes_peek en la librería libsmat.so antes de SMR Nov-2022 Release 1 permite a un atacante local ejecutar código arbitrario. • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=11 • CWE-787: Out-of-bounds Write •
CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0CVE-2022-39884
https://notcve.org/view.php?id=CVE-2022-39884
Improper access control vulnerability in IImsService prior to SMR Nov-2022 Release 1 allows local attacker to access to Call information. Una vulnerabilidad de control de acceso inadecuado en IImsService anterior a SMR Nov-2022 Release 1 permite a un atacante local acceder a la información de la llamada. • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=11 • CWE-284: Improper Access Control •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-39883
https://notcve.org/view.php?id=CVE-2022-39883
Improper authorization vulnerability in StorageManagerService prior to SMR Nov-2022 Release 1 allows local attacker to call privileged API. Una vulnerabilidad de autorización incorrecta en StorageManagerService anterior a SMR Nov-2022 Release 1 permite a un atacante local llamar a una API privilegiada. • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=11 • CWE-285: Improper Authorization •
CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0CVE-2022-39887
https://notcve.org/view.php?id=CVE-2022-39887
Improper access control vulnerability in clearAllGlobalProxy in MiscPolicy prior to SMR Nov-2022 Release 1 allows local attacker to configure EDM setting. Una vulnerabilidad de control de acceso inadecuado en clearAllGlobalProxy en MiscPolicy anterior a SMR Nov-2022 Release 1 permite a un atacante local modificar la configuración de EDM. • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=11 • CWE-284: Improper Access Control •
CVSS: 5.9EPSS: 0%CPEs: 3EXPL: 0CVE-2022-39885
https://notcve.org/view.php?id=CVE-2022-39885
Improper access control vulnerability in BootCompletedReceiver_CMCC in DeviceManagement prior to SMR Nov-2022 Release 1 allows local attacker to access to Device information. Una vulnerabilidad de control de acceso inadecuado en BootCompletedReceiver_CMCC en DeviceManagement antes de SMR Nov-2022 Release 1 permite a un atacante local acceder a la información del dispositivo. • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=11 • CWE-280: Improper Handling of Insufficient Permissions or Privileges CWE-755: Improper Handling of Exceptional Conditions •