Security Flaw in Bixby Routines Affects Android Devices
CVE-2022-22286

4.4MEDIUM

Key Information:

Vendor: Samsung
Status: Bixby Routines
Vendor: CVE Published:; 10 January 2022

What is CVE-2022-22286?

A security vulnerability exists in Bixby Routines that allows attackers to exploit PendingIntent functionality. This flaw enables privileged actions to be executed by modifying the intent, which can lead to unauthorized access and manipulation of device functions in Android versions R (11.0) and Q (10.0). Users of Bixby Routines should ensure they are using the latest versions to mitigate potential risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Bixby Routines - < 3.1.21.8 in Android R(11.0) and 2.6.30.5 in Android Q(10.0)

References

https://security.samsungmobile.com/serviceWeb.smsb?year=2...

x_refsource_MISC

CVSS V3.1

Score:

4.4

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 10, 2022
Vulnerability Reserved
Dec 30, 2021

JSON

Samsung