CVE-2022-36878Sensitive Information Exposure in Mobile Find MY Mobile

CWE-200Sensitive Information Exposure3 documents3 sources
Severity
3.3LOWNVD
EPSS
0.1%
top 80.91%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Samsung Mobile Find MY MobileSamsung Find MY Mobile
Timeline
PublishedSep 9
Latest updateSep 10

Description

Exposure of Sensitive Information in Find My Mobile prior to version 7.2.25.14 allows local attacker to access IMEI via log.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 1.8 | Impact: 1.4

Affected Packages2 packages

NVDsamsung/find_my_mobile< 7.2.25.14
CVEListV5samsung_mobile/find_my_mobileunspecified7.2.25.14

🔴Vulnerability Details

2
GHSA
GHSA-fhph-g84c-4j7p: Exposure of Sensitive Information in Find My Mobile prior to version 72022-09-10
CVEList
CVE-2022-36878: Exposure of Sensitive Information in Find My Mobile prior to version 72022-09-09
CVE-2022-36878 — Sensitive Information Exposure | cvebase