CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-39857
https://notcve.org/view.php?id=CVE-2022-39857
Improper access control vulnerability in CameraTestActivity in FactoryCameraFB prior to version 3.5.51 allows attackers to access broadcasting Intent as system uid privilege. Una vulnerabilidad de control de acceso inapropiado en CameraTestActivity en FactoryCameraFB versiones anteriores a 3.5.51, permite a atacantes acceder a la emisión de Intent como privilegio de uid del sistema • https://security.samsungmobile.com/serviceWeb.smsb?year=2022&month=10 • CWE-284: Improper Access Control •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-25440
https://notcve.org/view.php?id=CVE-2021-25440
Improper access control vulnerability in FactoryCameraFB prior to version 3.4.74 allows untrusted applications to access arbitrary files with an escalated privilege. Una vulnerabilidad de control de acceso inapropiado en FactoryCameraFB versiones anteriores 3.4.74, permite a aplicaciones no confiables acceder a archivos arbitrarios con un privilegio escalado • https://blog.oversecured.com/Two-weeks-of-securing-Samsung-devices-Part-2 https://security.samsungmobile.com/serviceWeb.smsb?year=2021&month=7 • CWE-284: Improper Access Control •