Samsung Mobile Samsung Flow vulnerabilities

CVE-2022-28543 [MEDIUM] CWE-22 CVE-2022-28543: Path traversal vulnerability in Samsung Flow prior to version 4.8.07.4 allows local attackers to rea Path traversal vulnerability in Samsung Flow prior to version 4.8.07.4 allows local attackers to read arbitrary files as Samsung Flow permission.

CVE-2022-28775 [LOW] CWE-284 CVE-2022-28775: Improper access control vulnerability in Samsung Flow prior to version 4.8.06.5 allows attacker to w Improper access control vulnerability in Samsung Flow prior to version 4.8.06.5 allows attacker to write the file without Samsung Flow permission.

CVE-2021-25509 [HIGH] CWE-20 CVE-2021-25509: A missing input validation in Samsung Flow Windows application prior to Version 4.8.5.0 allows attac A missing input validation in Samsung Flow Windows application prior to Version 4.8.5.0 allows attackers to overwrite abtraty file in the Windows known folders.

CVE-2021-25507 [MEDIUM] CWE-285 CVE-2021-25507: Improper authorization vulnerability in Samsung Flow mobile application prior to 4.8.03.5 allows Sam Improper authorization vulnerability in Samsung Flow mobile application prior to 4.8.03.5 allows Samsung Flow PC application connected with user device to access part of notification data in Secure Folder without authorization.