Sensitive Information Exposure in Samsung Account
CVE-2022-30733

4MEDIUM

Key Information:

Vendor: Samsung
Status: Samsung Account
Vendor: CVE Published:; 7 June 2022

Summary

A vulnerability in the Samsung Account service prior to version 13.2.00.6 allows attackers to access sensitive information, such as user email addresses and phone numbers, without explicit permission. This exposure can lead to further exploitation and unauthorized actions against users, significantly impacting their privacy and security.

Affected Version(s)

Samsung Account < 13.2.00.6

References

https://security.samsungmobile.com/serviceWeb.smsb?year=2...

x_refsource_MISC

CVSS V3.1

Score:

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 7, 2022
Vulnerability Reserved
May 16, 2022