CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2022-33731
https://notcve.org/view.php?id=CVE-2022-33731
Improper access control vulnerability in DesktopSystemUI prior to SMR Aug-2022 Release 1 allows attackers to enable and disable arbitrary components. Una vulnerabilidad de control de acceso inapropiado en DesktopSystemUI versiones anteriores a SMR Aug-2022 Release 1, permite a atacantes activar y desactivar componentes arbitrarios • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=08 • CWE-284: Improper Access Control •
CVSS: 6.2EPSS: 0%CPEs: 3EXPL: 0CVE-2022-33714
https://notcve.org/view.php?id=CVE-2022-33714
Improper access control vulnerability in SemWifiApBroadcastReceiver prior to SMR Aug-2022 Release 1 allows attacker to reset a setting value related to mobile hotspot. Una vulnerabilidad de control de acceso inapropiada en SemWifiApBroadcastReceiver versiones anteriores a SMR Aug-2022 Release 1, permite a un atacante restablecer un valor de configuración relacionado con el punto de acceso móvil • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=08 • CWE-284: Improper Access Control •
CVSS: 6.2EPSS: 0%CPEs: 3EXPL: 0CVE-2022-33718
https://notcve.org/view.php?id=CVE-2022-33718
An improper access control vulnerability in Wi-Fi Service prior to SMR AUG-2022 Release 1 allows untrusted applications to manipulate the list of apps that can use mobile data. Una vulnerabilidad de control de acceso inapropiada en Wi-Fi Service versiones anteriores a SMR Aug-2022 Release 1, permite a aplicaciones no confiables manipular la lista de aplicaciones que pueden usar los datos móviles • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=08 • CWE-863: Incorrect Authorization •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-33715
https://notcve.org/view.php?id=CVE-2022-33715
Improper access control and path traversal vulnerability in LauncherProvider prior to SMR Aug-2022 Release 1 allow local attacker to access files of One UI. Un control de acceso inapropiado y una vulnerabilidad de salto de ruta en LauncherProvider versiones anteriores a SMR Aug-2022 Release 1, permiten a un atacante local acceder a archivos de One UI • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=08 • CWE-20: Improper Input Validation CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 4.0EPSS: 0%CPEs: 2EXPL: 0CVE-2022-33725
https://notcve.org/view.php?id=CVE-2022-33725
A vulnerability using PendingIntent in Knox VPN prior to SMR Aug-2022 Release 1 allows attackers to access content providers with system privilege. Una vulnerabilidad usando PendingIntent en Knox VPN versiones anteriores a SMR Aug-2022 Release 1, permite a atacantes acceder a los proveedores de contenido con privilegio del sistema • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=08 • CWE-94: Improper Control of Generation of Code ('Code Injection') •