CVE-2022-39846Uncontrolled Search Path Element in Mobile Smart Switch PC

CWE-427Uncontrolled Search Path Element3 documents3 sources
Severity
7.8HIGHNVD
CNA6.2
EPSS
0.1%
top 81.22%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Samsung Mobile Smart Switch PCSamsung Smart Switch PC
Timeline
PublishedSep 9
Latest updateSep 10

Description

DLL hijacking vulnerability in Smart Switch PC prior to version 4.3.22083_3 allows attacker to execute arbitrary code.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

NVDsamsung/smart_switch_pc< 4.3.22083_3
CVEListV5samsung_mobile/smart_switch_pcunspecified4.3.22083_3

🔴Vulnerability Details

2
GHSA
GHSA-9hmq-cvwx-h9wr: DLL hijacking vulnerability in Smart Switch PC prior to version 42022-09-10
CVEList
CVE-2022-39846: DLL hijacking vulnerability in Smart Switch PC prior to version 42022-09-09
CVE-2022-39846 — Uncontrolled Search Path Element | cvebase