Improper Integrity Validation in Samsung USB Driver for Windows
CVE-2022-33711

5.5MEDIUM

Key Information:

Vendor: Samsung
Status: Samsung Usb Driver Windows Installer For Mobile Phones
Vendor: CVE Published:; 12 July 2022

Summary

The vulnerability in the Samsung USB Driver for Windows allows local attackers to exploit improper validation of integrity checks. By leveraging this flaw, an attacker can delete arbitrary directories using directory junctions, potentially leading to loss of critical user data and system instability. Users of affected versions should upgrade to the latest version to mitigate this risk.

Affected Version(s)

Samsung USB Driver Windows Installer for Mobile Phones < 1.7.56.0

References

https://security.samsungmobile.com/serviceWeb.smsb?year==...

x_refsource_MISC

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 12, 2022
Vulnerability Reserved
Jun 15, 2022