Improper Authorization Flaw in Samsung Internet Browser
CVE-2022-39873
4.3MEDIUM
Summary
An improper authorization vulnerability exists in Samsung Internet prior to version 18.0.4.14, allowing physical attackers to manipulate bookmarks in secret mode without requiring user authentication. This flaw poses a significant security risk, as it enables unauthorized users to access confidential information stored in the browser, potentially leading to privacy breaches and data compromise.
Affected Version(s)
Samsung Internet < 18.0.4.14
References
CVSS V3.1
Score:
4.3
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Physical
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved