CVSS: 6.2EPSS: 0%CPEs: 4EXPL: 0CVE-2022-33691
https://notcve.org/view.php?id=CVE-2022-33691
A possible race condition vulnerability in score driver prior to SMR Jul-2022 Release 1 can allow local attackers to interleave malicious operations. Una posible vulnerabilidad de condición de carrera en score driver versiones anteriores a SMR Jul-2022 Release 1, puede permitir a atacantes locales intercalar operaciones maliciosas • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=7 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 6.2EPSS: 0%CPEs: 3EXPL: 0CVE-2022-33689
https://notcve.org/view.php?id=CVE-2022-33689
Improper access control vulnerability in TelephonyUI prior to SMR Jul-2022 Release 1 allows attackers to change preferred network type by unprotected binder call. Una vulnerabilidad de control de acceso inapropiado en TelephonyUI versiones anteriores a SMR Jul-2022 Release 1, permite a atacantes cambiar el tipo de red preferido mediante una llamada de enlace no protegida • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=7 • CWE-287: Improper Authentication •
CVSS: 3.3EPSS: 0%CPEs: 3EXPL: 0CVE-2022-33688
https://notcve.org/view.php?id=CVE-2022-33688
Sensitive information exposure vulnerability in EventType in SecTelephonyProvider prior to SMR Jul-2022 Release 1 allows local attackers with log access permission to get IMSI through device log. La vulnerabilidad de exposición de información confidencial en EventType en SecTelephonyProvider versiones anteriores a SMR Jul-2022 Release 1, permite a atacantes locales con permiso de acceso al registro conseguir IMSI mediante el registro del dispositivo • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=7 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 3.3EPSS: 0%CPEs: 3EXPL: 0CVE-2022-33687
https://notcve.org/view.php?id=CVE-2022-33687
Exposure of Sensitive Information in telephony-common.jar prior to SMR Jul-2022 Release 1 allows local attackers to access IMSI via log. Una exposición de información confidencial en telephony-common.jar versiones anteriores a SMR Jul-2022 Release 1, permite a atacantes locales acceder a la IMSI por medio del registro • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=7 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 2.3EPSS: 0%CPEs: 3EXPL: 0CVE-2022-33686
https://notcve.org/view.php?id=CVE-2022-33686
Exposure of Sensitive Information in GsmAlarmManager prior to SMR Jul-2022 Release 1 allows local attacker to access iccid via log. Una exposición de información confidencial en GsmAlarmManager versiones anteriores a SMR Jul-2022 Release 1, permite a atacantes locales acceder a iccid por medio del registro • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=7 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-552: Files or Directories Accessible to External Parties •