CVE-2022-39845Improper Validation of Integrity Check Value in Mobile Samsung Kies

CWE-354Improper Validation of Integrity Check Value3 documents3 sources
Severity
7.1HIGHNVD
CNA5.5
EPSS
0.0%
top 92.20%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Samsung Mobile Samsung KiesSamsung Kies
Timeline
PublishedSep 9
Latest updateSep 10

Description

Improper validation of integrity check vulnerability in Samsung Kies prior to version 2.6.4.22074 allows local attackers to delete arbitrary directory using directory junction.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:HExploitability: 1.8 | Impact: 5.2

Affected Packages2 packages

NVDsamsung/kies< 2.6.4.22074
CVEListV5samsung_mobile/samsung_kiesunspecified2.6.4.22074

🔴Vulnerability Details

2
GHSA
GHSA-5fjx-286j-pq38: Improper validation of integrity check vulnerability in Samsung Kies prior to version 22022-09-10
CVEList
CVE-2022-39845: Improper validation of integrity check vulnerability in Samsung Kies prior to version 22022-09-09
CVE-2022-39845 — Mobile Samsung Kies vulnerability | cvebase