VYPR

Samsung Pass

by Samsung Mobile

CVEs (15)

  • CVE-2023-30677MedJul 6, 2023
    risk 0.40cvss 6.1epss 0.00

    Improper access control vulnerability in Samsung Pass prior to version 4.2.03.1 allows physical attackers to access data of Samsung Pass on a certain state of an unlocked device.

  • CVE-2023-30675MedJul 6, 2023
    risk 0.40cvss 6.2epss 0.00

    Improper authentication in Samsung Pass prior to version 4.2.03.1 allows local attacker to access stored account information when Samsung Wallet is not installed.

  • CVE-2023-42576MedDec 5, 2023
    risk 0.35cvss 5.4epss 0.00

    Improper Authentication vulnerability in Samsung Pass prior to version 4.3.00.17 allows physical attackers to bypass authentication due to invalid exception handler.

  • CVE-2023-42575MedDec 5, 2023
    risk 0.35cvss 5.4epss 0.00

    Improper Authentication vulnerability in Samsung Pass prior to version 4.3.00.17 allows physical attackers to bypass authentication due to invalid flag setting.

  • CVE-2023-42554MedNov 7, 2023
    risk 0.35cvss 5.4epss 0.00

    Improper Authentication vulnerabiity in Samsung Pass prior to version 4.3.00.17 allows physical attackers to bypass authentication.

  • CVE-2024-49405MedNov 6, 2024
    risk 0.34cvss 5.3epss 0.00

    Improper authentication in Private Info in Samsung Pass in prior to version 4.4.04.7 allows physical attackers to access sensitive information in a specific scenario.

  • CVE-2022-39911MedDec 8, 2022
    risk 0.31cvss 4.8epss 0.00

    Improper check or handling of exceptional conditions vulnerability in Samsung Pass prior to version 4.0.06.1 allows attacker to access Samsung Pass.

  • CVE-2023-30676MedJul 6, 2023
    risk 0.30cvss 4.6epss 0.00

    Improper access control vulnerability in Samsung Pass prior to version 4.2.03.1 allows physical attackers to access data of Samsung Pass.

  • CVE-2022-30730MedJun 7, 2022
    risk 0.30cvss 4.6epss 0.00

    Improper authorization in Samsung Pass prior to 1.0.00.33 allows physical attackers to acess account list without authentication.

  • CVE-2022-27841MedApr 11, 2022
    risk 0.28cvss 4.3epss 0.00

    Improper exception handling in Samsung Pass prior to version 3.7.07.5 allows physical attacker to view the screen that is previously running without authentication

  • CVE-2022-39910LowDec 8, 2022
    risk 0.25cvss 3.9epss 0.00

    Improper access control vulnerability in Samsung Pass prior to version 4.0.06.7 allow physical attackers to access data of Samsung Pass on a certain state of an unlocked device using pop-up view.

  • CVE-2022-36851LowSep 9, 2022
    risk 0.25cvss 3.9epss 0.00

    Improper access control vulnerability in Samsung pass prior to version 4.0.03.1 allow physical attackers to access data of Samsung pass on a certain state of an unlocked device.

  • CVE-2022-39892LowNov 9, 2022
    risk 0.23cvss 3.6epss 0.00

    Improper access control in Samsung Pass prior to version 4.0.05.1 allows attackers to unauthenticated access via keep open feature.

  • CVE-2021-25505LowNov 5, 2021
    risk 0.21cvss 3.3epss 0.01

    Improper authentication in Samsung Pass prior to 3.0.02.4 allows to use app without authentication when lockscreen is unlocked.

  • CVE-2022-36876LowSep 9, 2022
    risk 0.12cvss 1.8epss 0.00

    Improper authorization in UPI payment in Samsung Pass prior to version 4.0.04.10 allows physical attackers to access account list without authentication.