CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-39858
https://notcve.org/view.php?id=CVE-2022-39858
Path traversal vulnerability in AtBroadcastReceiver in FactoryCamera prior to version 3.5.51 allows attackers to write arbitrary file as FactoryCamera privilege. Una vulnerabilidad de Salto de Ruta en AtBroadcastReceiver en FactoryCamera versiones anteriores a 3.5.51, permite a atacantes escribir un archivo arbitrario como privilegio de FactoryCamera • https://security.samsungmobile.com/serviceWeb.smsb?year=2022&month=10 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2022-39861
https://notcve.org/view.php?id=CVE-2022-39861
Unprotected Receiver in AtBroadcastReceiver in FactoryCamera prior to version 3.5.51 allows attackers to record video without camera privilege. Un Receptor Desprotegido en AtBroadcastReceiver en FactoryCamera versiones anteriores a 3.5.51, permite a atacantes grabar vídeo sin privilegio de cámara • https://security.samsungmobile.com/serviceWeb.smsb?year=2022&month=10 • CWE-862: Missing Authorization •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-27838
https://notcve.org/view.php?id=CVE-2022-27838
Improper access control vulnerability in FactoryCamera prior to version 2.1.96 allows attacker to access the file with system privilege. Una vulnerabilidad de control de acceso inapropiado en FactoryCamera versiones anteriores a 2.1.96 permite a atacantes acceder al archivo con privilegios system • https://security.samsungmobile.com/serviceWeb.smsb?year=2022&month=4 • CWE-284: Improper Access Control •