Dynamic Receiver Vulnerability in Samsung Members Prior to Version 4.2.005
CVE-2022-30748

4MEDIUM

Key Information:

Vendor: Samsung
Status: Samsung Members
Vendor: CVE Published:; 7 June 2022

What is CVE-2022-30748?

The unprotected dynamic receiver in Samsung Members, prior to version 4.2.005, allows attackers to initiate arbitrary activities within the application. This presents a security risk by enabling unauthorized actions, potentially leading to exposure of sensitive user data or disruption of app functionality.

Affected Version(s)

Samsung Members < 4.2.00.5

References

https://security.samsungmobile.com/serviceWeb.smsb?year=2...

x_refsource_MISC

CVSS V3.1

Score:

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 7, 2022
Vulnerability Reserved
May 16, 2022