Sensitive Information Exposure in Galaxy Buds Pro by Samsung
CVE-2022-39893

3.3LOW

Key Information:

Vendor: Samsung
Status: Galaxy Buds Pro Manager
Vendor: CVE Published:; 9 November 2022

What is CVE-2022-39893?

A vulnerability exists in the FmmBaseModel of Samsung's Galaxy Buds Pro Manage, allowing local attackers with log access permission to expose sensitive device identifier information through device logs. This flaw can lead to unauthorized disclosure of user data, highlighting the need for proper security practices to protect against such local attacks.

Affected Version(s)

Galaxy Buds Pro Manager < 4.1.22092751

References

https://security.samsungmobile.com/serviceWeb.smsb?year=2...

CVSS V3.1

Score:

3.3

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 9, 2022
Vulnerability Reserved
Sep 5, 2022