Arbitrary File Access Vulnerability in Samsung Email Software
CVE-2022-22287

3.9LOW

Key Information:

Vendor: Samsung
Status: Samsung Email
Vendor: CVE Published:; 10 January 2022

Summary

An arbitrary file access vulnerability exists in Samsung Email versions prior to 6.1.60.16. This flaw enables attackers to gain unauthorized access to isolated data within the application’s sandbox, potentially compromising sensitive user information. Ensuring your software is up-to-date is critical to mitigate risks associated with this vulnerability.

Affected Version(s)

Samsung Email - < 6.1.60.16

References

https://security.samsungmobile.com/serviceWeb.smsb?year=2...

x_refsource_MISC

CVSS V3.1

Score:

3.9

Severity:

LOW

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jan 10, 2022
Vulnerability Reserved
Dec 30, 2021