CVE-2022-28777
Severity
3.3LOW
EPSS
0.1%
top 81.58%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedApr 11
Latest updateApr 12
Description
Improper access control vulnerability in Samsung Members prior to version 13.6.08.5 allows local attacker to execute call function without CALL_PHONE permission.
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:LExploitability: 2.5 | Impact: 1.4