CVE-2022-33685
https://notcve.org/view.php?id=CVE-2022-33685
Unprotected dynamic receiver in Wearable Manager Service prior to SMR Jul-2022 Release 1 allows attacker to launch arbitray activity and access senstive information. Un receptor dinámico desprotegido en el servicio Wearable Manager versiones anteriores a SMR Jul-2022 Release 1, permite a un atacante iniciar una actividad arbitraria y acceder a información confidencial • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=7 • CWE-561: Dead Code •
CVE-2022-30758
https://notcve.org/view.php?id=CVE-2022-30758
Implicit Intent hijacking vulnerability in Finder prior to SMR Jul-2022 Release 1 allow allows attackers to access some protected information with privilege of Finder. Una vulnerabilidad secuestro de Intención Implícita en Finder versiones anteriores a SMR Jul-2022 Release 1, permite a atacantes acceder a cierta información protegida con privilegios de Finder • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=7 • CWE-276: Incorrect Default Permissions •
CVE-2022-30757
https://notcve.org/view.php?id=CVE-2022-30757
Improper authorization in isemtelephony prior to SMR Jul-2022 Release 1 allows attacker to obtain CID without ACCESS_FINE_LOCATION permission. Una autorización inapropiada en isemtelephony versiones anteriores a SMR Jul-2022 Release 1, permite a un atacante obtener el CID sin el permiso ACCESS_FINE_LOCATION • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=7 • CWE-285: Improper Authorization •
CVE-2022-30756
https://notcve.org/view.php?id=CVE-2022-30756
Implicit Intent hijacking vulnerability in Finder prior to SMR Jul-2022 Release 1 allow allows attackers to launch certain activities with privilege of Finder. Una vulnerabilidad de secuestro de Intención Implícita en Finder versiones anteriores a SMR Jul-2022 Release 1, permite a atacantes iniciar determinadas actividades con el privilegio de Finder • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=7 • CWE-20: Improper Input Validation •
CVE-2022-30755
https://notcve.org/view.php?id=CVE-2022-30755
Improper authentication vulnerability in AppLock prior to SMR Jul-2022 Release 1 allows attacker to bypass password confirm activity by hijacking the implicit intent. Una vulnerabilidad de autenticación inapropiada en AppLock versiones anteriores a SMR Jul-2022 Release 1, permite a atacantes omitir la actividad de confirmación de contraseña mediante el secuestro de Intención Implícita • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=7 • CWE-287: Improper Authentication •