Samsung Pass
CVEs (15)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-49405 | 0.00 | — | 0.00 | Nov 6, 2024 | Improper authentication in Private Info in Samsung Pass in prior to version 4.4.04.7 allows physical attackers to access sensitive information in a specific scenario. | |||
| CVE-2023-42576 | 0.00 | — | 0.00 | Dec 5, 2023 | Improper Authentication vulnerability in Samsung Pass prior to version 4.3.00.17 allows physical attackers to bypass authentication due to invalid exception handler. | |||
| CVE-2023-42575 | 0.00 | — | 0.00 | Dec 5, 2023 | Improper Authentication vulnerability in Samsung Pass prior to version 4.3.00.17 allows physical attackers to bypass authentication due to invalid flag setting. | |||
| CVE-2023-42554 | 0.00 | — | 0.00 | Nov 7, 2023 | Improper Authentication vulnerabiity in Samsung Pass prior to version 4.3.00.17 allows physical attackers to bypass authentication. | |||
| CVE-2023-30677 | 0.00 | — | 0.00 | Jul 6, 2023 | Improper access control vulnerability in Samsung Pass prior to version 4.2.03.1 allows physical attackers to access data of Samsung Pass on a certain state of an unlocked device. | |||
| CVE-2023-30676 | 0.00 | — | 0.00 | Jul 6, 2023 | Improper access control vulnerability in Samsung Pass prior to version 4.2.03.1 allows physical attackers to access data of Samsung Pass. | |||
| CVE-2023-30675 | 0.00 | — | 0.00 | Jul 6, 2023 | Improper authentication in Samsung Pass prior to version 4.2.03.1 allows local attacker to access stored account information when Samsung Wallet is not installed. | |||
| CVE-2022-39910 | 0.00 | — | 0.00 | Dec 8, 2022 | Improper access control vulnerability in Samsung Pass prior to version 4.0.06.7 allow physical attackers to access data of Samsung Pass on a certain state of an unlocked device using pop-up view. | |||
| CVE-2022-39911 | 0.00 | — | 0.00 | Dec 8, 2022 | Improper check or handling of exceptional conditions vulnerability in Samsung Pass prior to version 4.0.06.1 allows attacker to access Samsung Pass. | |||
| CVE-2022-39892 | 0.00 | — | 0.00 | Nov 9, 2022 | Improper access control in Samsung Pass prior to version 4.0.05.1 allows attackers to unauthenticated access via keep open feature. | |||
| CVE-2022-36851 | 0.00 | — | 0.00 | Sep 9, 2022 | Improper access control vulnerability in Samsung pass prior to version 4.0.03.1 allow physical attackers to access data of Samsung pass on a certain state of an unlocked device. | |||
| CVE-2022-36876 | 0.00 | — | 0.00 | Sep 9, 2022 | Improper authorization in UPI payment in Samsung Pass prior to version 4.0.04.10 allows physical attackers to access account list without authentication. | |||
| CVE-2022-30730 | 0.00 | — | 0.00 | Jun 7, 2022 | Improper authorization in Samsung Pass prior to 1.0.00.33 allows physical attackers to acess account list without authentication. | |||
| CVE-2022-27841 | 0.00 | — | 0.00 | Apr 11, 2022 | Improper exception handling in Samsung Pass prior to version 3.7.07.5 allows physical attacker to view the screen that is previously running without authentication | |||
| CVE-2021-25505 | 0.00 | — | 0.00 | Nov 5, 2021 | Improper authentication in Samsung Pass prior to 3.0.02.4 allows to use app without authentication when lockscreen is unlocked. |
- CVE-2024-49405Nov 6, 2024risk 0.00cvss —epss 0.00
Improper authentication in Private Info in Samsung Pass in prior to version 4.4.04.7 allows physical attackers to access sensitive information in a specific scenario.
- CVE-2023-42576Dec 5, 2023risk 0.00cvss —epss 0.00
Improper Authentication vulnerability in Samsung Pass prior to version 4.3.00.17 allows physical attackers to bypass authentication due to invalid exception handler.
- CVE-2023-42575Dec 5, 2023risk 0.00cvss —epss 0.00
Improper Authentication vulnerability in Samsung Pass prior to version 4.3.00.17 allows physical attackers to bypass authentication due to invalid flag setting.
- CVE-2023-42554Nov 7, 2023risk 0.00cvss —epss 0.00
Improper Authentication vulnerabiity in Samsung Pass prior to version 4.3.00.17 allows physical attackers to bypass authentication.
- CVE-2023-30677Jul 6, 2023risk 0.00cvss —epss 0.00
Improper access control vulnerability in Samsung Pass prior to version 4.2.03.1 allows physical attackers to access data of Samsung Pass on a certain state of an unlocked device.
- CVE-2023-30676Jul 6, 2023risk 0.00cvss —epss 0.00
Improper access control vulnerability in Samsung Pass prior to version 4.2.03.1 allows physical attackers to access data of Samsung Pass.
- CVE-2023-30675Jul 6, 2023risk 0.00cvss —epss 0.00
Improper authentication in Samsung Pass prior to version 4.2.03.1 allows local attacker to access stored account information when Samsung Wallet is not installed.
- CVE-2022-39910Dec 8, 2022risk 0.00cvss —epss 0.00
Improper access control vulnerability in Samsung Pass prior to version 4.0.06.7 allow physical attackers to access data of Samsung Pass on a certain state of an unlocked device using pop-up view.
- CVE-2022-39911Dec 8, 2022risk 0.00cvss —epss 0.00
Improper check or handling of exceptional conditions vulnerability in Samsung Pass prior to version 4.0.06.1 allows attacker to access Samsung Pass.
- CVE-2022-39892Nov 9, 2022risk 0.00cvss —epss 0.00
Improper access control in Samsung Pass prior to version 4.0.05.1 allows attackers to unauthenticated access via keep open feature.
- CVE-2022-36851Sep 9, 2022risk 0.00cvss —epss 0.00
Improper access control vulnerability in Samsung pass prior to version 4.0.03.1 allow physical attackers to access data of Samsung pass on a certain state of an unlocked device.
- CVE-2022-36876Sep 9, 2022risk 0.00cvss —epss 0.00
Improper authorization in UPI payment in Samsung Pass prior to version 4.0.04.10 allows physical attackers to access account list without authentication.
- CVE-2022-30730Jun 7, 2022risk 0.00cvss —epss 0.00
Improper authorization in Samsung Pass prior to 1.0.00.33 allows physical attackers to acess account list without authentication.
- CVE-2022-27841Apr 11, 2022risk 0.00cvss —epss 0.00
Improper exception handling in Samsung Pass prior to version 3.7.07.5 allows physical attacker to view the screen that is previously running without authentication
- CVE-2021-25505Nov 5, 2021risk 0.00cvss —epss 0.00
Improper authentication in Samsung Pass prior to 3.0.02.4 allows to use app without authentication when lockscreen is unlocked.