CVE-2022-36840

CWE-4273 documents3 sources
Severity
7.8HIGH
EPSS
0.1%
top 81.15%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Samsung Mobile Samsung Update SetupSamsung Update
Timeline
PublishedAug 5
Latest updateAug 6

Description

DLL hijacking vulnerability in Samsung Update Setup prior to version 2.2.9.50 allows attackers to execute arbitrary code.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:LExploitability: 1.0 | Impact: 3.4

Affected Packages2 packages

CVEListV5samsung_mobile/samsung_update_setupunspecified2.2.9.50
NVDsamsung/update< 2.2.9.50

🔴Vulnerability Details

2
GHSA
GHSA-xm3x-7w4f-6pg6: DLL hijacking vulnerability in Samsung Update Setup prior to version 22022-08-06
CVEList
CVE-2022-36840: DLL hijacking vulnerability in Samsung Update Setup prior to version 22022-08-05
CVE-2022-36840 (HIGH CVSS 7.8) | DLL hijacking vulnerability in Sams | cvebase.io