CVE-2022-39870
published 2022-10-07CVE-2022-39870: Improper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information…
high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
Improper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via PUSH_MESSAGE_RECEIVED broadcast.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| samsung | smartthings | < 1.7.89.0 | 1.7.89.0 |
| samsung_mobile | smartthings | >= unspecified < 1.7.89.0 | 1.7.89.0 |