Samsung Mobile Devices vulnerabilities
374 known vulnerabilities affecting samsung_mobile/samsung_mobile_devices.
Total CVEs
374
CISA KEV
11
actively exploited
Public exploits
0
Exploited in wild
11
Severity breakdown
CRITICAL37HIGH100MEDIUM142LOW95
Vulnerabilities
Page 18 of 19
CVE-2022-39879P4LOWCVSS 3.3≥ R(11), S(12), < SMR Nov-2022 Release 12022-11-09
CVE-2022-39879 [LOW] CWE-285 CVE-2022-39879: Improper authorization vulnerability in?CallBGProvider prior to SMR Nov-2022 Release 1 allows local
Improper authorization vulnerability in?CallBGProvider prior to SMR Nov-2022 Release 1 allows local attacker to grant permission for accessing information with phone uid.
nvd
CVE-2022-39913P4LOWCVSS 3.3≥ unspecified, < Android T(13)2022-12-08
CVE-2022-39913 [LOW] CWE-200 CVE-2022-39913: Exposure of Sensitive Information to an Unauthorized Actor in Persona Manager prior to Android T(13)
Exposure of Sensitive Information to an Unauthorized Actor in Persona Manager prior to Android T(13) allows local attacker to access user profiles information.
nvd
CVE-2021-25335P4LOWCVSS 2.5≥ Selected Q(10.0), < SMR Mar-2021 Release 12021-03-04
CVE-2021-25335 [LOW] CWE-703 CVE-2021-25335: Improper lockscreen status check in cocktailbar service in Samsung mobile devices prior to SMR Mar-2
Improper lockscreen status check in cocktailbar service in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows unauthenticated users to access hidden notification contents over the lockscreen in specific condition.
nvd
CVE-2022-27576P4LOWCVSS 3.3≥ Q(10), R(11), S(12), < SMR Apr-2022 Release 12022-04-11
CVE-2022-27576 [LOW] CWE-200 CVE-2022-27576: Information exposure vulnerability in Samsung DeX Home prior to SMR April-2022 Release 1 allows to a
Information exposure vulnerability in Samsung DeX Home prior to SMR April-2022 Release 1 allows to access currently launched foreground app information without permission
nvd
CVE-2022-27575P4LOWCVSS 3.3≥ Q(10), R(11), S(12), < SMR Apr-2022 Release 12022-04-11
CVE-2022-27575 [LOW] CWE-200 CVE-2022-27575: Information exposure vulnerability in One UI Home prior to SMR April-2022 Release 1 allows to access
Information exposure vulnerability in One UI Home prior to SMR April-2022 Release 1 allows to access currently launched foreground app information without permission.
nvd
CVE-2022-22270P4LOWCVSS 3.3≥ P(9.0), Q(10.0), R(11.0), < SMR Jan-2022 Release 12022-01-10
CVE-2022-22270 [LOW] CWE-94 CVE-2022-22270: An implicit Intent hijacking vulnerability in Dialer prior to SMR Jan-2022 Release 1 allows unprivil
An implicit Intent hijacking vulnerability in Dialer prior to SMR Jan-2022 Release 1 allows unprivileged applications to access contact information.
nvd
CVE-2021-25359P4LOWCVSS 3.3≥ Q(10.0), R(11.0), < SMR APR-2021 Release 12021-04-09
CVE-2021-25359 [LOW] CWE-284 CVE-2021-25359: An improper SELinux policy prior to SMR APR-2021 Release 1 allows local attackers to access AP infor
An improper SELinux policy prior to SMR APR-2021 Release 1 allows local attackers to access AP information without proper permissions via untrusted applications.
nvd
CVE-2021-25358P4LOWCVSS 3.3≥ P(9.0), Q(10.0), < SMR APR-2021 Release 12021-04-09
CVE-2021-25358 [LOW] CWE-256 CVE-2021-25358: A vulnerability that stores IMSI values in an improper path prior to SMR APR-2021 Release 1 allows l
A vulnerability that stores IMSI values in an improper path prior to SMR APR-2021 Release 1 allows local attackers to access IMSI values without any permission via untrusted applications.
nvd
CVE-2022-30728P4LOWCVSS 3.3≥ R(11), S(12), < SMR Jun-2022 Release 12022-06-07
CVE-2022-30728 [LOW] CWE-213 CVE-2022-30728: Information exposure vulnerability in ScanPool prior to SMR Jun-2022 Release 1 allows local attacker
Information exposure vulnerability in ScanPool prior to SMR Jun-2022 Release 1 allows local attackers to get MAC address information.
nvd
CVE-2022-30714P4LOWCVSS 3.3≥ Q(10), R(11), S(12), < SMR Jun-2022 Release 12022-06-07
CVE-2022-30714 [LOW] CWE-213 CVE-2022-30714: Information exposure vulnerability in SemIWCMonitor prior to SMR Jun-2022 Release 1 allows local att
Information exposure vulnerability in SemIWCMonitor prior to SMR Jun-2022 Release 1 allows local attackers to get MAC address information.
nvd
CVE-2022-27832P4LOWCVSS 3.3≥ O(10), R(11), S(12), < SMR Apr-2022 Release 12022-04-11
CVE-2022-27832 [LOW] CWE-125 CVE-2022-27832: Improper boundary check in media.extractor library prior to SMR Apr-2022 Release 1 allows attackers
Improper boundary check in media.extractor library prior to SMR Apr-2022 Release 1 allows attackers to cause denial of service via a crafted media file.
nvd
CVE-2022-33688P4LOWCVSS 3.3≥ Q(10), R(11), S(12), < SMR Jul-2022 Release 12022-07-12
CVE-2022-33688 [LOW] CWE-532 CVE-2022-33688: Sensitive information exposure vulnerability in EventType in SecTelephonyProvider prior to SMR Jul-2
Sensitive information exposure vulnerability in EventType in SecTelephonyProvider prior to SMR Jul-2022 Release 1 allows local attackers with log access permission to get IMSI through device log.
nvd
CVE-2022-33687P4LOWCVSS 3.3≥ Q(10), R(11), S(12), < SMR Jul-2022 Release 12022-07-12
CVE-2022-33687 [LOW] CWE-200 CVE-2022-33687: Exposure of Sensitive Information in telephony-common.jar prior to SMR Jul-2022 Release 1 allows loc
Exposure of Sensitive Information in telephony-common.jar prior to SMR Jul-2022 Release 1 allows local attackers to access IMSI via log.
nvd
CVE-2022-33698P4LOWCVSS 3.3≥ Q(10), R(11), S(12), < SMR Jul-2022 Release 12022-07-12
CVE-2022-33698 [LOW] CWE-200 CVE-2022-33698: Exposure of Sensitive Information in Telecom application prior to SMR Jul-2022 Release 1 allows loca
Exposure of Sensitive Information in Telecom application prior to SMR Jul-2022 Release 1 allows local attackers to access ICCID via log.
nvd
CVE-2022-33694P4LOWCVSS 3.3≥ Q(10), R(11), S(12), < SMR Jul-2022 Release 12022-07-12
CVE-2022-33694 [LOW] CWE-213 CVE-2022-33694: Exposure of Sensitive Information in CSC application prior to SMR Jul-2022 Release 1 allows local at
Exposure of Sensitive Information in CSC application prior to SMR Jul-2022 Release 1 allows local attacker to access wifi information via unprotected intent broadcasting.
nvd
CVE-2022-33697P4LOWCVSS 3.3≥ Q(10), R(11), S(12), < SMR Jul-2022 Release 12022-07-12
CVE-2022-33697 [LOW] CWE-532 CVE-2022-33697: Sensitive information exposure vulnerability in ImsServiceSwitchBase in ImsCore prior to SMR Jul-202
Sensitive information exposure vulnerability in ImsServiceSwitchBase in ImsCore prior to SMR Jul-2022 Release 1 allows local attackers with log access permission to get IMSI through device log.
nvd
CVE-2021-25519P4LOWCVSS 3.3≥ P(9.0), Q(10.0), R(11.0), < SMR Dec-2021 Release 12021-12-08
CVE-2021-25519 [LOW] CWE-200 CVE-2021-25519: An improper access control vulnerability in CPLC prior to SMR Dec-2021 Release 1 allows local attack
An improper access control vulnerability in CPLC prior to SMR Dec-2021 Release 1 allows local attackers to access CPLC information without permission.
nvd
CVE-2022-30753P4LOWCVSS 3.3≥ Q(10), R(11), S(12), < SMR Jul-2022 Release 12022-07-12
CVE-2022-30753 [LOW] CWE-200 CVE-2022-30753: Improper use of a unique device ID in unprotected SecSoterService prior to SMR Jul-2022 Release 1 al
Improper use of a unique device ID in unprotected SecSoterService prior to SMR Jul-2022 Release 1 allows local attackers to get the device ID without permission.
nvd
CVE-2022-28794P4LOWCVSS 3.3≥ Q(10), R(11), S(12), < SMR Jun-2022 Release 12022-06-07
CVE-2022-28794 [LOW] CWE-213 CVE-2022-28794: Sensitive information exposure in low-battery dumpstate log prior to SMR Jun-2022 Release 1 allows l
Sensitive information exposure in low-battery dumpstate log prior to SMR Jun-2022 Release 1 allows local attackers to get SIM card information.
nvd
CVE-2022-39884P4LOWCVSS 3.3≥ Q(10), R(11), S(12), < SMR Nov-2022 Release 12022-11-09
CVE-2022-39884 [LOW] CWE-284 CVE-2022-39884: Improper access control vulnerability in IImsService prior to SMR Nov-2022 Release 1 allows local at
Improper access control vulnerability in IImsService prior to SMR Nov-2022 Release 1 allows local attacker to access to Call information.
nvd