← Volver a CVEs
CVE-2022-39864
LOW3.3
Descripcion
Improper access control vulnerability in WifiSetupLaunchHelper in SmartThings prior to version 1.7.89.25 allows attackers to access sensitive information via implicit intent.
Detalles CVE
Puntuacion CVSS v3.13.3
SeveridadLOW
Vector CVSSCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
Vector de ataqueLOCAL
ComplejidadLOW
Privilegios requeridosNONE
Interaccion usuarioREQUIRED
Publicado10/7/2022
Ultima modificacion11/21/2024
Fuentenvd
Avistamientos honeypot0
Productos afectados
samsung:smartthings
Debilidades (CWE)
CWE-284
Referencias
https://security.samsungmobile.com/serviceWeb.smsb?year=2022&month=10(mobile.security@samsung.com)
https://security.samsungmobile.com/serviceWeb.smsb?year=2022&month=10(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.