CVE-2022-30742Sensitive Information Exposure in Mobile Find MY Mobile

CWE-200Sensitive Information ExposureCWE-532Log File Information Exposure3 documents3 sources
Severity
3.3LOWNVD
EPSS
0.1%
top 82.05%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Samsung Mobile Find MY MobileSamsung Find MY Mobile
Timeline
PublishedJun 7
Latest updateJun 8

Description

Sensitive information exposure vulnerability in FmmExtraOperation of Find My Mobile prior to 7.2.24.12 allows local attackers with log access permissio to get sim card information through device log.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 1.8 | Impact: 1.4

Affected Packages2 packages

NVDsamsung/find_my_mobile< 7.2.24.12
CVEListV5samsung_mobile/find_my_mobileunspecified7.2.24.12

🔴Vulnerability Details

2
GHSA
GHSA-75g9-xg49-wc86: Sensitive information exposure vulnerability in FmmExtraOperation of Find My Mobile prior to 72022-06-08
CVEList
CVE-2022-30742: Sensitive information exposure vulnerability in FmmExtraOperation of Find My Mobile prior to 72022-06-07
CVE-2022-30742 — Sensitive Information Exposure | cvebase