CVE-2022-39861

CWE-862Missing Authorization3 documents3 sources
Severity
3.3LOW
EPSS
0.1%
top 81.70%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Samsung Mobile FactorycameraSamsung Factorycamera
Timeline
PublishedOct 7

Description

Unprotected Receiver in AtBroadcastReceiver in FactoryCamera prior to version 3.5.51 allows attackers to record video without camera privilege.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:LExploitability: 2.5 | Impact: 3.4

Affected Packages2 packages

NVDsamsung/factorycamera< 3.5.51
CVEListV5samsung_mobile/factorycameraunspecified3.5.51

🔴Vulnerability Details

2
GHSA
GHSA-62v9-m22p-gxgq: Unprotected Receiver in AtBroadcastReceiver in FactoryCamera prior to version 32022-10-07
CVEList
CVE-2022-39861: Unprotected Receiver in AtBroadcastReceiver in FactoryCamera prior to version 32022-10-07
CVE-2022-39861 (LOW CVSS 3.3) | Unprotected Receiver in AtBroadcast | cvebase.io