CVE-2022-25826

CWE-200Information ExposureCWE-532Log File Information Exposure3 documents3 sources
Severity
3.3LOW
EPSS
0.1%
top 67.19%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Samsung Mobile Galaxy S3 PluginSamsung Galaxy Watch 3 Plugin
Timeline
PublishedMar 10
Latest updateMar 11

Description

Information Exposure vulnerability in Galaxy S3 Plugin prior to version 2.2.03.22012751 allows attacker to access password information of connected WiFiAp in the log

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:NExploitability: 0.5 | Impact: 1.4

Affected Packages2 packages

NVDsamsung/galaxy_watch_3_plugin< 2.2.03.22012751
CVEListV5samsung_mobile/galaxy_s3_plugin-2.2.03.22012751

🔴Vulnerability Details

2
GHSA
GHSA-r87r-6j6c-xx59: Information Exposure vulnerability in Galaxy S3 Plugin prior to version 22022-03-11
CVEList
CVE-2022-25826: Information Exposure vulnerability in Galaxy S3 Plugin prior to version 22022-03-08
CVE-2022-25826 (LOW CVSS 3.3) | Information Exposure vulnerability | cvebase.io