cbcvebase.
CVE-2022-36868
published 2022-10-07

CVE-2022-36868: Improper restriction of broadcasting Intent in MouseNKeyHidDevice prior to SMR Oct-2022 Release 1 leaks MAC address of the connected Bluetooth device.

PriorityP49low3.3CVSS 3.1
AVLACLPRLUINSUCLINAN
EPSS
0.12%
1.9th percentile
Improper restriction of broadcasting Intent in MouseNKeyHidDevice prior to SMR Oct-2022 Release 1 leaks MAC address of the connected Bluetooth device.

Affected

3 ranges
VendorProductVersion rangeFixed in
googleandroid
googleandroid
samsung_mobilesamsung_mobile_devices>= R(11), S(12) < SMR Oct-2022 Release 1SMR Oct-2022 Release 1
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.