Improper Authorization Flaw in Samsung Internet Browser
CVE-2022-39873
4.3MEDIUM
What is CVE-2022-39873?
An improper authorization vulnerability exists in Samsung Internet prior to version 18.0.4.14, allowing physical attackers to manipulate bookmarks in secret mode without requiring user authentication. This flaw poses a significant security risk, as it enables unauthorized users to access confidential information stored in the browser, potentially leading to privacy breaches and data compromise.
Affected Version(s)
Samsung Internet < 18.0.4.14
References
CVSS V3.1
Score:
4.3
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Physical
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved