Intent Redirection Vulnerability in Samsung Email App by Samsung
CVE-2022-36837

6.2MEDIUM

Key Information:

Vendor: Samsung
Status: Samsung Email
Vendor: CVE Published:; 5 August 2022

What is CVE-2022-36837?

An intent redirection vulnerability exists in the Samsung Email application prior to version 6.1.70.20. This flaw allows attackers to exploit implicit intents to redirect users, potentially accessing sensitive information without proper authorization. Users are advised to update their applications to the latest version to mitigate any risks associated with this vulnerability. For further information, visit the official Samsung Mobile security portal.

Affected Version(s)

Samsung email < 6.1.70.20

References

https://security.samsungmobile.com/serviceWeb.smsb?year=2...

x_refsource_MISC

CVSS V3.1

Score:

6.2

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 5, 2022
Vulnerability Reserved
Jul 27, 2022