Improper Integrity Check in Smart Switch PC by Samsung
CVE-2022-39844

5.5MEDIUM

Key Information:

Vendor

Samsung
Status
Smart Switch Pc
Vendor
CVE Published:
9 September 2022

What is CVE-2022-39844?

An improper validation of the integrity check in Samsung's Smart Switch PC before version 4.3.22083 allows local attackers to exploit this vulnerability. By utilizing directory junctions, an attacker can delete arbitrary directories, potentially leading to data loss or system instability. This vulnerability highlights the need for robust integrity verification mechanisms in software applications to protect against local attack vectors.

Affected Version(s)

Smart Switch PC < 4.3.22083

References

https://security.samsungmobile.com/serviceWeb.smsb?year=2...
x_refsource_MISC

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2022-39844 : Improper Integrity Check in Smart Switch PC by Samsung