VYPR

mobile devices

by Samsung Mobile

CVEs (911)

  • CVE-2021-25411MedJun 11, 2021
    risk 0.29cvss 4.4epss 0.00

    Improper address validation vulnerability in RKP api prior to SMR JUN-2021 Release 1 allows root privileged local attackers to write read-only kernel memory.

  • CVE-2021-25339MedMar 4, 2021
    risk 0.29cvss 4.4epss 0.00

    Improper address validation in HArx in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows an attacker, given a compromised kernel, to corrupt EL2 memory.

  • CVE-2021-25338MedMar 4, 2021
    risk 0.29cvss 4.4epss 0.00

    Improper memory access control in RKP in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows an attacker, given a compromised kernel, to write certain part of RKP EL2 memory region.

  • CVE-2023-30685MedAug 10, 2023
    risk 0.28cvss 4.3epss 0.00

    Improper access control vulnerability in Telecom prior to SMR Aug-2023 Release 1 allows local attakcers to change TTY mode.

  • CVE-2023-30684MedAug 10, 2023
    risk 0.28cvss 4.3epss 0.00

    Improper access control in Samsung Telecom prior to SMR Aug-2023 Release 1 allows local attackers to call acceptRingingCall API without permission.

  • CVE-2023-30683MedAug 10, 2023
    risk 0.28cvss 4.3epss 0.00

    Improper access control in Telecom prior to SMR Aug-2023 Release 1 allows local attackers to call endCall API without permission.

  • CVE-2023-30682MedAug 10, 2023
    risk 0.28cvss 4.3epss 0.00

    Improper access control in Telecom prior to SMR Aug-2023 Release 1 allows local attackers to call silenceRinger API without permission.

  • CVE-2023-30641MedJul 6, 2023
    risk 0.28cvss 4.3epss 0.00

    Improper access control vulnerability in Settings prior to SMR Jul-2023 Release 1 allows physical attacker to use restricted user profile to access device owner's google account data.

  • CVE-2023-30640MedJul 6, 2023
    risk 0.28cvss 4.3epss 0.00

    Improper access control vulnerability in PersonaManagerService prior to SMR Jul-2023 Release 1 allows local attackers to change confiugration.

  • CVE-2023-21426MedFeb 9, 2023
    risk 0.28cvss 4.3epss 0.00

    Hardcoded AES key to encrypt cardemulation PINs in NFC prior to SMR Jan-2023 Release 1 allows attackers to access cardemulation PIN.

  • CVE-2023-21425MedFeb 9, 2023
    risk 0.28cvss 4.3epss 0.00

    Improper access control vulnerability in telecom application prior to SMR JAN-2023 Release 1 allows local attackers to get sensitive information.

  • CVE-2023-21419MedFeb 9, 2023
    risk 0.28cvss 4.3epss 0.00

    An improper implementation logic in Secure Folder prior to SMR Jan-2023 Release 1 allows the Secure Folder container remain unlocked under certain condition.

  • CVE-2022-39887MedNov 9, 2022
    risk 0.28cvss 4.3epss 0.00

    Improper access control vulnerability in clearAllGlobalProxy in MiscPolicy prior to SMR Nov-2022 Release 1 allows local attacker to configure EDM setting.

  • CVE-2022-39884MedNov 9, 2022
    risk 0.28cvss 4.3epss 0.00

    Improper access control vulnerability in IImsService prior to SMR Nov-2022 Release 1 allows local attacker to access to Call information.

  • CVE-2021-25430MedJul 8, 2021
    risk 0.28cvss 4.3epss 0.00

    Improper access control vulnerability in Bluetooth application prior to SMR July-2021 Release 1 allows untrusted application to access the Bluetooth information in Bluetooth application.

  • CVE-2021-25429MedJul 8, 2021
    risk 0.28cvss 4.3epss 0.00

    Improper privilege management vulnerability in Bluetooth application prior to SMR July-2021 Release 1 allows untrusted application to access the Bluetooth information in Bluetooth application.

  • CVE-2017-18667MedApr 7, 2020
    risk 0.28cvss 4.3epss 0.00

    An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.x) software. Attackers can prevent users from learning that SMS storage space has been exhausted. The Samsung ID is SVE-2017-8702 (June 2017).

  • CVE-2016-11050MedApr 7, 2020
    risk 0.28cvss 4.3epss 0.00

    An issue was discovered on Samsung mobile devices with S3(KK), Note2(KK), S4(L), Note3(L), and S5(L) software. An attacker can rewrite the IMEI by flashing crafted firmware. The Samsung ID is SVE-2016-5562 (March 2016).

  • CVE-2023-21457MedMar 16, 2023
    risk 0.27cvss 4.1epss 0.00

    Improper access control vulnerability in Bluetooth prior to SMR Mar-2023 Release 1 allows attackers to send file via Bluetooth without related permission.

  • CVE-2022-25820MedMar 10, 2022
    risk 0.27cvss 4.2epss 0.00

    A vulnerable design in fingerprint matching algorithm prior to SMR Mar-2022 Release 1 allows physical attackers to perform brute force attack on screen lock password.

Page 24 of 46