Samsung Account
CVEs (17)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-30722 | Med | 0.40 | 6.2 | 0.00 | Jun 7, 2022 | Implicit Intent hijacking vulnerability in Samsung Account prior to SMR Jun-2022 Release 1 allows attackers to bypass user confirmation of Samsung Account. | ||
| CVE-2022-25825 | Med | 0.40 | 6.2 | 0.00 | Mar 10, 2022 | Improper access control vulnerability in Samsung Account prior to version 13.1.0.1 allows attackers to access to the authcode for sign-in. | ||
| CVE-2022-30735 | Med | 0.38 | 5.9 | 0.00 | Jun 7, 2022 | Improper privilege management vulnerability in Samsung Account prior to 13.2.00.6 allows attackers to get the access_token without permission. | ||
| CVE-2023-42549 | Med | 0.36 | 5.5 | 0.00 | Nov 7, 2023 | Use of implicit intent for sensitive communication vulnerability in startNameValidationActivity in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Account privilege. | ||
| CVE-2023-42548 | Med | 0.36 | 5.5 | 0.00 | Nov 7, 2023 | Use of implicit intent for sensitive communication vulnerability in startMandatoryCheckActivity in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Account privilege. | ||
| CVE-2023-42546 | Med | 0.36 | 5.5 | 0.00 | Nov 7, 2023 | Use of implicit intent for sensitive communication vulnerability in startAgreeToDisclaimerActivity in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Account privilege. | ||
| CVE-2022-30732 | Med | 0.36 | 5.5 | 0.01 | Jun 7, 2022 | Exposure of Sensitive Information vulnerability in Samsung Account prior to version 13.2.00.6 allows attacker to access sensitive information via onActivityResult. | ||
| CVE-2022-30743 | Med | 0.34 | 5.3 | 0.00 | Jun 7, 2022 | Improper privilege management vulnerability in Samsung Account prior to 13.2.00.6 allows attackers to get the data of contact and gallery without permission. | ||
| CVE-2022-30736 | Med | 0.34 | 5.3 | 0.00 | Jun 7, 2022 | Improper privilege management vulnerability in Samsung Account prior to 13.2.00.6 allows attackers to get the data of contact and gallery without permission. | ||
| CVE-2022-39875 | Med | 0.33 | 5.1 | 0.00 | Oct 7, 2022 | Improper component protection vulnerability in Samsung Account prior to version 13.5.0 allows attackers to unauthorized logout. | ||
| CVE-2023-42540 | Med | 0.26 | 4.0 | 0.00 | Nov 7, 2023 | Improper access control vulnerability in Samsung Account prior to version 14.5.01.1 allows attackers to access sensitive information via implicit intent. | ||
| CVE-2022-39874 | Med | 0.26 | 4.0 | 0.00 | Oct 7, 2022 | Sensitive log information leakage vulnerability in Samsung Account prior to version 13.5.0 allows attackers to unauthorized logout. | ||
| CVE-2022-30739 | Med | 0.26 | 4.0 | 0.00 | Jun 7, 2022 | Improper privilege management vulnerability in Samsung Account prior to 13.2.00.6 allows attackers to get an user email or phone number with a normal level permission. | ||
| CVE-2022-30737 | Med | 0.26 | 4.0 | 0.01 | Jun 7, 2022 | Implicit Intent hijacking vulnerability in Samsung Account prior to version 13.2.00.6 allows attackers to get email ID. | ||
| CVE-2022-30734 | Med | 0.26 | 4.0 | 0.01 | Jun 7, 2022 | Sensitive information exposure in Sign-out log in Samsung Account prior to version 13.2.00.6 allows attackers to get an user email or phone number without permission. | ||
| CVE-2022-30733 | Med | 0.26 | 4.0 | 0.01 | Jun 7, 2022 | Sensitive information exposure in Sign-in log in Samsung Account prior to version 13.2.00.6 allows attackers to get an user email or phone number without permission. | ||
| CVE-2022-39863 | Low | 0.23 | 3.6 | 0.00 | Oct 7, 2022 | Intent redirection vulnerability in Samsung Account prior to version 13.5.01.3 allows attackers to access content providers without permission. |
- risk 0.40cvss 6.2epss 0.00
Implicit Intent hijacking vulnerability in Samsung Account prior to SMR Jun-2022 Release 1 allows attackers to bypass user confirmation of Samsung Account.
- risk 0.40cvss 6.2epss 0.00
Improper access control vulnerability in Samsung Account prior to version 13.1.0.1 allows attackers to access to the authcode for sign-in.
- risk 0.38cvss 5.9epss 0.00
Improper privilege management vulnerability in Samsung Account prior to 13.2.00.6 allows attackers to get the access_token without permission.
- risk 0.36cvss 5.5epss 0.00
Use of implicit intent for sensitive communication vulnerability in startNameValidationActivity in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Account privilege.
- risk 0.36cvss 5.5epss 0.00
Use of implicit intent for sensitive communication vulnerability in startMandatoryCheckActivity in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Account privilege.
- risk 0.36cvss 5.5epss 0.00
Use of implicit intent for sensitive communication vulnerability in startAgreeToDisclaimerActivity in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Account privilege.
- risk 0.36cvss 5.5epss 0.01
Exposure of Sensitive Information vulnerability in Samsung Account prior to version 13.2.00.6 allows attacker to access sensitive information via onActivityResult.
- risk 0.34cvss 5.3epss 0.00
Improper privilege management vulnerability in Samsung Account prior to 13.2.00.6 allows attackers to get the data of contact and gallery without permission.
- risk 0.34cvss 5.3epss 0.00
Improper privilege management vulnerability in Samsung Account prior to 13.2.00.6 allows attackers to get the data of contact and gallery without permission.
- risk 0.33cvss 5.1epss 0.00
Improper component protection vulnerability in Samsung Account prior to version 13.5.0 allows attackers to unauthorized logout.
- risk 0.26cvss 4.0epss 0.00
Improper access control vulnerability in Samsung Account prior to version 14.5.01.1 allows attackers to access sensitive information via implicit intent.
- risk 0.26cvss 4.0epss 0.00
Sensitive log information leakage vulnerability in Samsung Account prior to version 13.5.0 allows attackers to unauthorized logout.
- risk 0.26cvss 4.0epss 0.00
Improper privilege management vulnerability in Samsung Account prior to 13.2.00.6 allows attackers to get an user email or phone number with a normal level permission.
- risk 0.26cvss 4.0epss 0.01
Implicit Intent hijacking vulnerability in Samsung Account prior to version 13.2.00.6 allows attackers to get email ID.
- risk 0.26cvss 4.0epss 0.01
Sensitive information exposure in Sign-out log in Samsung Account prior to version 13.2.00.6 allows attackers to get an user email or phone number without permission.
- risk 0.26cvss 4.0epss 0.01
Sensitive information exposure in Sign-in log in Samsung Account prior to version 13.2.00.6 allows attackers to get an user email or phone number without permission.
- risk 0.23cvss 3.6epss 0.00
Intent redirection vulnerability in Samsung Account prior to version 13.5.01.3 allows attackers to access content providers without permission.