CVE-2022-30749
published 2022-06-07CVE-2022-30749: Improper access control vulnerability in Smart Things prior to 1.7.85.25 allows local attackers to add arbitrary smart devices by bypassing login activity.
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
Improper access control vulnerability in Smart Things prior to 1.7.85.25 allows local attackers to add arbitrary smart devices by bypassing login activity.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| samsung | smartthings | < 1.7.85.25 | 1.7.85.25 |
| samsung_mobile | smart_things | >= unspecified < 1.7.85.25 | 1.7.85.25 |