CVE-2022-28543

CWE-22Path Traversal3 documents3 sources
Severity
5.5MEDIUM
EPSS
0.0%
top 86.34%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Samsung Mobile Samsung FlowSamsung Samsung Flow
Timeline
PublishedApr 11
Latest updateApr 12

Description

Path traversal vulnerability in Samsung Flow prior to version 4.8.07.4 allows local attackers to read arbitrary files as Samsung Flow permission.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 2.5 | Impact: 1.4

Affected Packages2 packages

NVDsamsung/samsung_flow< 4.8.07.4
CVEListV5samsung_mobile/samsung_flow-4.8.07.4

🔴Vulnerability Details

2
GHSA
GHSA-r236-9pm4-hxw8: Path traversal vulnerability in Samsung Flow prior to version 42022-04-12
CVEList
CVE-2022-28543: Path traversal vulnerability in Samsung Flow prior to version 42022-04-11
CVE-2022-28543 (MEDIUM CVSS 5.5) | Path traversal vulnerability in Sam | cvebase.io