Improper Condition Handling in Samsung Pass by Samsung
CVE-2022-39911

4.8MEDIUM

Key Information:

Vendor: Samsung
Status: Samsung Pass
Vendor: CVE Published:; 8 December 2022

Summary

An improper check or handling of exceptional conditions in Samsung Pass prior to version 4.0.06.1 permits unauthorized access to sensitive user data. Attackers exploiting this vulnerability can bypass intended access controls, thereby endangering user security and privacy.

Affected Version(s)

Samsung Pass < 4.0.06.1

References

https://security.samsungmobile.com/serviceWeb.smsb?year=2...

CVSS V3.1

Score:

4.8

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Physical

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Dec 8, 2022
Vulnerability Reserved
Sep 5, 2022