CVSS: 4.4EPSS: 0%CPEs: 2EXPL: 0CVE-2022-33717
https://notcve.org/view.php?id=CVE-2022-33717
A missing input validation before memory read in SEM TA prior to SMR Aug-2022 Release 1 allows local attackers to read out of bound memory. Una ausencia de comprobación de entrada anteriores a lectura de memoria en SEM TA versiones anteriores a SMR Aug-2022 Release 1, permite a atacantes locales leer memoria no inicializada • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=08 • CWE-125: Out-of-bounds Read •
CVSS: 4.4EPSS: 0%CPEs: 2EXPL: 0CVE-2022-33716
https://notcve.org/view.php?id=CVE-2022-33716
An absence of variable initialization in ICCC TA prior to SMR Aug-2022 Release 1 allows local attacker to read uninitialized memory. Una ausencia de inicialización de variables en ICCC TA versiones anteriores a SMR Aug-2022 Release 1, permite a atacantes locales leer memoria no inicializada • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=08 • CWE-457: Use of Uninitialized Variable CWE-908: Use of Uninitialized Resource •
CVSS: 4.0EPSS: 0%CPEs: 3EXPL: 0CVE-2022-33728
https://notcve.org/view.php?id=CVE-2022-33728
Exposure of sensitive information in Bluetooth prior to SMR Aug-2022 Release 1 allows local attackers to access connected BT macAddress via Settings.Gloabal. Una exposición de información confidencial en Bluetooth versiones anteriores a SMR Aug-2022 Release 1, permite a atacantes locales acceder a la dirección MAC del BT conectado por medio de Settings.Gloabal • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=08 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.9EPSS: 0%CPEs: 3EXPL: 0CVE-2022-33729
https://notcve.org/view.php?id=CVE-2022-33729
Improper restriction of broadcasting Intent in ConfirmConnectActivity of?NFC prior to SMR Aug-2022 Release 1 leaks MAC address of the connected Bluetooth device. Una restricción inapropiada de la intención de transmisión en ConfirmConnectActivity de NFC versiones anteriores a SMR Aug-2022 Release 1, filtra la dirección MAC del dispositivo Bluetooth conectado • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=08 • CWE-20: Improper Input Validation •
CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0CVE-2022-33727
https://notcve.org/view.php?id=CVE-2022-33727
A vulnerable code in onCreate of SecDevicePickerDialog prior to SMR Aug-2022 Release 1, allows attackers to trick the user to select an unwanted bluetooth device via tapjacking/overlay attack. Un código vulnerable en onCreate de SecDevicePickerDialog versiones anteriores a SMR Aug-2022 Release 1, permite a atacantes engañar al usuario para que seleccione un dispositivo bluetooth no deseado por medio de un ataque de tapjacking/overlay • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=08 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •