SamsungPay mini
CVEs (10)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-20850 | 0.00 | — | 0.00 | Apr 2, 2024 | Use of Implicit Intent for Sensitive Communication in Samsung Pay prior to version 5.4.99 allows local attackers to access information of Samsung Pay. | |||
| CVE-2022-36872 | 0.00 | — | 0.00 | Sep 9, 2022 | Pending Intent hijacking vulnerability in SpayNotification in Samsung Pay prior to version 5.0.63 for KR and 5.1.47 for Global allows attackers to access files without permission via implicit Intent. | |||
| CVE-2022-36871 | 0.00 | — | 0.00 | Sep 9, 2022 | Pending Intent hijacking vulnerability in NotiCenterUtils in Samsung Pay prior to version 5.0.63 for KR and 5.1.47 for Global allows attackers to access files without permission via implicit Intent. | |||
| CVE-2022-36870 | 0.00 | — | 0.00 | Sep 9, 2022 | Pending Intent hijacking vulnerability in MTransferNotificationManager in Samsung Pay prior to version 5.0.63 for KR and 5.1.47 for Global allows attackers to access files without permission via implicit Intent. | |||
| CVE-2021-25527 | 0.00 | — | 0.00 | Dec 8, 2021 | Improper export of Android application components vulnerability in Samsung Pay (India only) prior to version 4.1.77 allows attacker to access Bill Pay and Recharge menu without authentication. | |||
| CVE-2021-25525 | 0.00 | — | 0.00 | Dec 8, 2021 | Improper check or handling of exception conditions vulnerability in Samsung Pay (US only) prior to version 4.0.65 allows attacker to use NFC without user recognition. | |||
| CVE-2021-25333 | 0.00 | — | 0.00 | Mar 4, 2021 | Improper access control in Samsung Pay mini application prior to v4.0.14 allows unauthorized access to balance information over the lockscreen via scanning specific QR code. | |||
| CVE-2021-25332 | 0.00 | — | 0.00 | Mar 4, 2021 | Improper access control in Samsung Pay mini application prior to v4.0.14 allows unauthorized access to contacts information over the lockscreen in specific condition. | |||
| CVE-2021-25331 | 0.00 | — | 0.00 | Mar 4, 2021 | Improper access control in Samsung Pay mini application prior to v4.0.14 allows unauthorized access to balance information over the lockscreen in specific condition. | |||
| CVE-2019-20543 | 0.00 | — | 0.00 | Mar 24, 2020 | An issue was discovered on Samsung mobile devices with P(9.0) software. Attackers can bypass Factory Reset Protection (FRP) via SamsungPay mini. The Samsung ID is SVE-2019-15090 (November 2019). |
- CVE-2024-20850Apr 2, 2024risk 0.00cvss —epss 0.00
Use of Implicit Intent for Sensitive Communication in Samsung Pay prior to version 5.4.99 allows local attackers to access information of Samsung Pay.
- CVE-2022-36872Sep 9, 2022risk 0.00cvss —epss 0.00
Pending Intent hijacking vulnerability in SpayNotification in Samsung Pay prior to version 5.0.63 for KR and 5.1.47 for Global allows attackers to access files without permission via implicit Intent.
- CVE-2022-36871Sep 9, 2022risk 0.00cvss —epss 0.00
Pending Intent hijacking vulnerability in NotiCenterUtils in Samsung Pay prior to version 5.0.63 for KR and 5.1.47 for Global allows attackers to access files without permission via implicit Intent.
- CVE-2022-36870Sep 9, 2022risk 0.00cvss —epss 0.00
Pending Intent hijacking vulnerability in MTransferNotificationManager in Samsung Pay prior to version 5.0.63 for KR and 5.1.47 for Global allows attackers to access files without permission via implicit Intent.
- CVE-2021-25527Dec 8, 2021risk 0.00cvss —epss 0.00
Improper export of Android application components vulnerability in Samsung Pay (India only) prior to version 4.1.77 allows attacker to access Bill Pay and Recharge menu without authentication.
- CVE-2021-25525Dec 8, 2021risk 0.00cvss —epss 0.00
Improper check or handling of exception conditions vulnerability in Samsung Pay (US only) prior to version 4.0.65 allows attacker to use NFC without user recognition.
- CVE-2021-25333Mar 4, 2021risk 0.00cvss —epss 0.00
Improper access control in Samsung Pay mini application prior to v4.0.14 allows unauthorized access to balance information over the lockscreen via scanning specific QR code.
- CVE-2021-25332Mar 4, 2021risk 0.00cvss —epss 0.00
Improper access control in Samsung Pay mini application prior to v4.0.14 allows unauthorized access to contacts information over the lockscreen in specific condition.
- CVE-2021-25331Mar 4, 2021risk 0.00cvss —epss 0.00
Improper access control in Samsung Pay mini application prior to v4.0.14 allows unauthorized access to balance information over the lockscreen in specific condition.
- CVE-2019-20543Mar 24, 2020risk 0.00cvss —epss 0.00
An issue was discovered on Samsung mobile devices with P(9.0) software. Attackers can bypass Factory Reset Protection (FRP) via SamsungPay mini. The Samsung ID is SVE-2019-15090 (November 2019).