Vendor CVEs
Samsung Mobile
All CVEs
2,204 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-21428 | 0.00 | — | 0.00 | Feb 9, 2023 | Improper input validation vulnerability in TelephonyUI prior to SMR Jan-2023 Release 1 allows attackers to configure Preferred Call. The patch removes unused code. | |||
| CVE-2023-21422 | 0.00 | — | 0.00 | Feb 9, 2023 | Improper authorization vulnerability in semAddPublicDnsAddr in WifiSevice prior to SMR Jan-2023 Release 1 allows attackers to set custom DNS server without permission via binding WifiService. | |||
| CVE-2023-21434 | 0.00 | — | 0.13 | Feb 9, 2023 | Improper input validation vulnerability in Galaxy Store prior to version 4.5.49.8 allows local attackers to execute JavaScript by launching a web page. | |||
| CVE-2023-21423 | 0.00 | — | 0.00 | Feb 9, 2023 | Improper authorization vulnerability in ChnFileShareKit prior to SMR Jan-2023 Release 1 allows attacker to control BLE advertising without permission using unprotected action. | |||
| CVE-2023-20613 | 0.00 | — | 0.00 | Feb 6, 2023 | In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628614; Issue ID: ALPS07628614. | |||
| CVE-2023-20614 | 0.00 | — | 0.00 | Feb 6, 2023 | In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628615; Issue ID: ALPS07628615. | |||
| CVE-2022-44636 | 0.00 | — | 0.00 | Dec 13, 2022 | The Samsung TV (2021 and 2022 model) smart remote control allows attackers to enable microphone access via Bluetooth spoofing when a user is activating remote control by pressing a button. This is fixed in xxx72510, E9172511 for 2021 models, xxxA1000, 4x2A0200 for 2022 models. | |||
| CVE-2022-39898 | 0.00 | — | 0.00 | Dec 8, 2022 | Improper access control vulnerability in IIccPhoneBook prior to SMR Dec-2022 Release 1 allows attackers to access some information of usim. | |||
| CVE-2022-39901 | 0.00 | — | 0.00 | Dec 8, 2022 | Improper authentication in Exynos baseband prior to SMR DEC-2022 Release 1 allows remote attacker to disable the network traffic encryption between UE and gNodeB. | |||
| CVE-2022-39905 | 0.00 | — | 0.00 | Dec 8, 2022 | Implicit intent hijacking vulnerability in Telecom application prior to SMR Dec-2022 Release 1 allows attacker to access sensitive information via implicit intent. | |||
| CVE-2022-39904 | 0.00 | — | 0.00 | Dec 8, 2022 | Exposure of Sensitive Information vulnerability in Samsung Settings prior to SMR Dec-2022 Release 1 allows local attackers to access the Network Access Identifier via log. | |||
| CVE-2022-39911 | 0.00 | — | 0.00 | Dec 8, 2022 | Improper check or handling of exceptional conditions vulnerability in Samsung Pass prior to version 4.0.06.1 allows attacker to access Samsung Pass. | |||
| CVE-2022-39908 | 0.00 | — | 0.00 | Dec 8, 2022 | TOCTOU vulnerability in Samsung decoding library for video thumbnails prior to SMR Dec-2022 Release 1 allows local attacker to perform Out-Of-Bounds Write. | |||
| CVE-2022-39906 | 0.00 | — | 0.00 | Dec 8, 2022 | Improper access control vulnerability in SecTelephonyProvider prior to SMR Dec-2022 Release 1 allows attackers to access message information. | |||
| CVE-2022-39895 | 0.00 | — | 0.00 | Dec 8, 2022 | Improper access control vulnerability in ContactListUtils in Phone prior to SMR Dec-2022 Release 1 allows to access contact group information via implicit intent. | |||
| CVE-2022-39897 | 0.00 | — | 0.00 | Dec 8, 2022 | Exposure of Sensitive Information vulnerability in kernel prior to SMR Dec-2022 Release 1 allows attackers to access the kernel address information via log. | |||
| CVE-2022-39909 | 0.00 | — | 0.00 | Dec 8, 2022 | Insufficient verification of data authenticity vulnerability in Samsung Gear IconX PC Manager prior to version 2.1.221019.51 allows local attackers to create arbitrary file using symbolic link. | |||
| CVE-2022-39894 | 0.00 | — | 0.00 | Dec 8, 2022 | Improper access control vulnerability in ContactListStartActivityHelper in Phone prior to SMR Dec-2022 Release 1 allows to access sensitive information via implicit intent. | |||
| CVE-2022-39907 | 0.00 | — | 0.00 | Dec 8, 2022 | Integer overflow vulnerability in Samsung decoding library for video thumbnails prior to SMR Dec-2022 Release 1 allows local attacker to perform Out-Of-Bounds Write. | |||
| CVE-2022-39914 | 0.00 | — | 0.00 | Dec 8, 2022 | Exposure of Sensitive Information from an Unauthorized Actor vulnerability in Samsung DisplayManagerService prior to Android T(13) allows local attacker to access connected DLNA device information. | |||
| CVE-2022-39903 | 0.00 | — | 0.00 | Dec 8, 2022 | Improper access control vulnerability in RCS call prior to SMR Dec-2022 Release 1 allows local attackers to access RCS incoming call number. | |||
| CVE-2022-39900 | 0.00 | — | 0.00 | Dec 8, 2022 | Improper access control vulnerability in Nice Catch prior to SMR Dec-2022 Release 1 allows physical attackers to access contents of all toast generated in the application installed in Secure Folder through Nice Catch. | |||
| CVE-2022-39912 | 0.00 | — | 0.00 | Dec 8, 2022 | Improper handling of insufficient permissions vulnerability in setSecureFolderPolicy in PersonaManagerService prior to Android T(13) allows local attackers to set some setting value in Secure folder. | |||
| CVE-2022-39913 | 0.00 | — | 0.00 | Dec 8, 2022 | Exposure of Sensitive Information to an Unauthorized Actor in Persona Manager prior to Android T(13) allows local attacker to access user profiles information. | |||
| CVE-2022-39910 | 0.00 | — | 0.00 | Dec 8, 2022 | Improper access control vulnerability in Samsung Pass prior to version 4.0.06.7 allow physical attackers to access data of Samsung Pass on a certain state of an unlocked device using pop-up view. | |||
| CVE-2022-39899 | 0.00 | — | 0.00 | Dec 8, 2022 | Improper authentication vulnerability in Samsung WindowManagerService prior to SMR Dec-2022 Release 1 allows attacker to send the input event using S Pen gesture. | |||
| CVE-2022-39896 | 0.00 | — | 0.00 | Dec 8, 2022 | Improper access control vulnerabilities in Contacts prior to SMR Dec-2022 Release 1 allows to access sensitive information via implicit intent. | |||
| CVE-2022-39902 | 0.00 | — | 0.01 | Dec 8, 2022 | Improper authorization in Exynos baseband prior to SMR DEC-2022 Release 1 allows remote attacker to get sensitive information including IMEI via emergency call. | |||
| CVE-2022-39882 | 0.00 | — | 0.00 | Nov 9, 2022 | Heap overflow vulnerability in sflacf_fal_bytes_peek function in libsmat.so library prior to SMR Nov-2022 Release 1 allows local attacker to execute arbitrary code. | |||
| CVE-2022-39891 | 0.00 | — | 0.00 | Nov 9, 2022 | Heap overflow vulnerability in parse_pce function in libsavsaudio.so in Editor Lite prior to version 4.0.41.3 allows attacker to get information. | |||
| CVE-2022-39892 | 0.00 | — | 0.00 | Nov 9, 2022 | Improper access control in Samsung Pass prior to version 4.0.05.1 allows attackers to unauthenticated access via keep open feature. | |||
| CVE-2022-39886 | 0.00 | — | 0.00 | Nov 9, 2022 | Improper access control vulnerability in IpcRxServiceModeBigDataInfo in RIL prior to SMR Nov-2022 Release 1 allows local attacker to access Device information. | |||
| CVE-2022-39881 | 0.00 | — | 0.01 | Nov 9, 2022 | Improper input validation vulnerability for processing SIB12 PDU in Exynos modems prior to SMR Sep-2022 Release allows remote attacker to read out of bounds memory. | |||
| CVE-2022-39887 | 0.00 | — | 0.00 | Nov 9, 2022 | Improper access control vulnerability in clearAllGlobalProxy in MiscPolicy prior to SMR Nov-2022 Release 1 allows local attacker to configure EDM setting. | |||
| CVE-2022-39885 | 0.00 | — | 0.00 | Nov 9, 2022 | Improper access control vulnerability in BootCompletedReceiver_CMCC in DeviceManagement prior to SMR Nov-2022 Release 1 allows local attacker to access to Device information. | |||
| CVE-2022-39883 | 0.00 | — | 0.00 | Nov 9, 2022 | Improper authorization vulnerability in StorageManagerService prior to SMR Nov-2022 Release 1 allows local attacker to call privileged API. | |||
| CVE-2022-39880 | 0.00 | — | 0.00 | Nov 9, 2022 | Improper input validation vulnerability in DualOutFocusViewer prior to SMR Nov-2022 Release 1 allows local attacker to perform an arbitrary code execution. | |||
| CVE-2022-39889 | 0.00 | — | 0.00 | Nov 9, 2022 | Improper access control vulnerability in GalaxyWatch4Plugin prior to versions 2.2.11.22101351 and 2.2.12.22101351 allows attackers to access wearable device information. | |||
| CVE-2022-39893 | 0.00 | — | 0.00 | Nov 9, 2022 | Sensitive information exposure vulnerability in FmmBaseModel in Galaxy Buds Pro Manage prior to version 4.1.22092751 allows local attackers with log access permission to get device identifier data through device log. | |||
| CVE-2022-39890 | 0.00 | — | 0.00 | Nov 9, 2022 | Improper Authorization in Samsung Billing prior to version 5.0.56.0 allows attacker to get sensitive information. | |||
| CVE-2022-39884 | 0.00 | — | 0.00 | Nov 9, 2022 | Improper access control vulnerability in IImsService prior to SMR Nov-2022 Release 1 allows local attacker to access to Call information. | |||
| CVE-2022-39879 | 0.00 | — | 0.00 | Nov 9, 2022 | Improper authorization vulnerability in?CallBGProvider prior to SMR Nov-2022 Release 1 allows local attacker to grant permission for accessing information with phone uid. | |||
| CVE-2022-32601 | 0.00 | — | 0.00 | Nov 8, 2022 | In telephony, there is a possible permission bypass due to a parcel format mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07319132; Issue ID: ALPS07319132. | |||
| CVE-2020-9285 | 0.00 | — | 0.00 | Oct 20, 2022 | Some versions of Sonos One (1st and 2nd generation) allow partial or full memory access via attacker controlled hardware that can be attached to the Mini-PCI Express slot on the motherboard that hosts the WiFi card on the device. | |||
| CVE-2022-39856 | 0.00 | — | 0.00 | Oct 7, 2022 | Improper access control vulnerability in imsservice application prior to SMR Oct-2022 Release 1 allows local attackers to access call information. | |||
| CVE-2022-39868 | 0.00 | — | 0.00 | Oct 7, 2022 | Improper access control vulnerability in GedSamsungAccount.kt SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via implicit broadcast. | |||
| CVE-2022-39852 | 0.00 | — | 0.00 | Oct 7, 2022 | A heap-based overflow vulnerability in makeContactAGIF in libagifencoder.quram.so library prior to SMR Oct-2022 Release 1 allows attacker to perform code execution. | |||
| CVE-2022-39866 | 0.00 | — | 0.00 | Oct 7, 2022 | Improper access control vulnerability in RegisteredEventMediator.kt SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via implicit broadcast. | |||
| CVE-2022-39864 | 0.00 | — | 0.00 | Oct 7, 2022 | Improper access control vulnerability in WifiSetupLaunchHelper in SmartThings prior to version 1.7.89.25 allows attackers to access sensitive information via implicit intent. | |||
| CVE-2022-39851 | 0.00 | — | 0.00 | Oct 7, 2022 | Improper access control vulnerability in CocktailBarService prior to SMR Oct-2022 Release 1 allows local attacker to bind service that require BIND_REMOTEVIEWS permission. |
- CVE-2023-21428Feb 9, 2023risk 0.00cvss —epss 0.00
Improper input validation vulnerability in TelephonyUI prior to SMR Jan-2023 Release 1 allows attackers to configure Preferred Call. The patch removes unused code.
- CVE-2023-21422Feb 9, 2023risk 0.00cvss —epss 0.00
Improper authorization vulnerability in semAddPublicDnsAddr in WifiSevice prior to SMR Jan-2023 Release 1 allows attackers to set custom DNS server without permission via binding WifiService.
- CVE-2023-21434Feb 9, 2023risk 0.00cvss —epss 0.13
Improper input validation vulnerability in Galaxy Store prior to version 4.5.49.8 allows local attackers to execute JavaScript by launching a web page.
- CVE-2023-21423Feb 9, 2023risk 0.00cvss —epss 0.00
Improper authorization vulnerability in ChnFileShareKit prior to SMR Jan-2023 Release 1 allows attacker to control BLE advertising without permission using unprotected action.
- CVE-2023-20613Feb 6, 2023risk 0.00cvss —epss 0.00
In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628614; Issue ID: ALPS07628614.
- CVE-2023-20614Feb 6, 2023risk 0.00cvss —epss 0.00
In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628615; Issue ID: ALPS07628615.
- CVE-2022-44636Dec 13, 2022risk 0.00cvss —epss 0.00
The Samsung TV (2021 and 2022 model) smart remote control allows attackers to enable microphone access via Bluetooth spoofing when a user is activating remote control by pressing a button. This is fixed in xxx72510, E9172511 for 2021 models, xxxA1000, 4x2A0200 for 2022 models.
- CVE-2022-39898Dec 8, 2022risk 0.00cvss —epss 0.00
Improper access control vulnerability in IIccPhoneBook prior to SMR Dec-2022 Release 1 allows attackers to access some information of usim.
- CVE-2022-39901Dec 8, 2022risk 0.00cvss —epss 0.00
Improper authentication in Exynos baseband prior to SMR DEC-2022 Release 1 allows remote attacker to disable the network traffic encryption between UE and gNodeB.
- CVE-2022-39905Dec 8, 2022risk 0.00cvss —epss 0.00
Implicit intent hijacking vulnerability in Telecom application prior to SMR Dec-2022 Release 1 allows attacker to access sensitive information via implicit intent.
- CVE-2022-39904Dec 8, 2022risk 0.00cvss —epss 0.00
Exposure of Sensitive Information vulnerability in Samsung Settings prior to SMR Dec-2022 Release 1 allows local attackers to access the Network Access Identifier via log.
- CVE-2022-39911Dec 8, 2022risk 0.00cvss —epss 0.00
Improper check or handling of exceptional conditions vulnerability in Samsung Pass prior to version 4.0.06.1 allows attacker to access Samsung Pass.
- CVE-2022-39908Dec 8, 2022risk 0.00cvss —epss 0.00
TOCTOU vulnerability in Samsung decoding library for video thumbnails prior to SMR Dec-2022 Release 1 allows local attacker to perform Out-Of-Bounds Write.
- CVE-2022-39906Dec 8, 2022risk 0.00cvss —epss 0.00
Improper access control vulnerability in SecTelephonyProvider prior to SMR Dec-2022 Release 1 allows attackers to access message information.
- CVE-2022-39895Dec 8, 2022risk 0.00cvss —epss 0.00
Improper access control vulnerability in ContactListUtils in Phone prior to SMR Dec-2022 Release 1 allows to access contact group information via implicit intent.
- CVE-2022-39897Dec 8, 2022risk 0.00cvss —epss 0.00
Exposure of Sensitive Information vulnerability in kernel prior to SMR Dec-2022 Release 1 allows attackers to access the kernel address information via log.
- CVE-2022-39909Dec 8, 2022risk 0.00cvss —epss 0.00
Insufficient verification of data authenticity vulnerability in Samsung Gear IconX PC Manager prior to version 2.1.221019.51 allows local attackers to create arbitrary file using symbolic link.
- CVE-2022-39894Dec 8, 2022risk 0.00cvss —epss 0.00
Improper access control vulnerability in ContactListStartActivityHelper in Phone prior to SMR Dec-2022 Release 1 allows to access sensitive information via implicit intent.
- CVE-2022-39907Dec 8, 2022risk 0.00cvss —epss 0.00
Integer overflow vulnerability in Samsung decoding library for video thumbnails prior to SMR Dec-2022 Release 1 allows local attacker to perform Out-Of-Bounds Write.
- CVE-2022-39914Dec 8, 2022risk 0.00cvss —epss 0.00
Exposure of Sensitive Information from an Unauthorized Actor vulnerability in Samsung DisplayManagerService prior to Android T(13) allows local attacker to access connected DLNA device information.
- CVE-2022-39903Dec 8, 2022risk 0.00cvss —epss 0.00
Improper access control vulnerability in RCS call prior to SMR Dec-2022 Release 1 allows local attackers to access RCS incoming call number.
- CVE-2022-39900Dec 8, 2022risk 0.00cvss —epss 0.00
Improper access control vulnerability in Nice Catch prior to SMR Dec-2022 Release 1 allows physical attackers to access contents of all toast generated in the application installed in Secure Folder through Nice Catch.
- CVE-2022-39912Dec 8, 2022risk 0.00cvss —epss 0.00
Improper handling of insufficient permissions vulnerability in setSecureFolderPolicy in PersonaManagerService prior to Android T(13) allows local attackers to set some setting value in Secure folder.
- CVE-2022-39913Dec 8, 2022risk 0.00cvss —epss 0.00
Exposure of Sensitive Information to an Unauthorized Actor in Persona Manager prior to Android T(13) allows local attacker to access user profiles information.
- CVE-2022-39910Dec 8, 2022risk 0.00cvss —epss 0.00
Improper access control vulnerability in Samsung Pass prior to version 4.0.06.7 allow physical attackers to access data of Samsung Pass on a certain state of an unlocked device using pop-up view.
- CVE-2022-39899Dec 8, 2022risk 0.00cvss —epss 0.00
Improper authentication vulnerability in Samsung WindowManagerService prior to SMR Dec-2022 Release 1 allows attacker to send the input event using S Pen gesture.
- CVE-2022-39896Dec 8, 2022risk 0.00cvss —epss 0.00
Improper access control vulnerabilities in Contacts prior to SMR Dec-2022 Release 1 allows to access sensitive information via implicit intent.
- CVE-2022-39902Dec 8, 2022risk 0.00cvss —epss 0.01
Improper authorization in Exynos baseband prior to SMR DEC-2022 Release 1 allows remote attacker to get sensitive information including IMEI via emergency call.
- CVE-2022-39882Nov 9, 2022risk 0.00cvss —epss 0.00
Heap overflow vulnerability in sflacf_fal_bytes_peek function in libsmat.so library prior to SMR Nov-2022 Release 1 allows local attacker to execute arbitrary code.
- CVE-2022-39891Nov 9, 2022risk 0.00cvss —epss 0.00
Heap overflow vulnerability in parse_pce function in libsavsaudio.so in Editor Lite prior to version 4.0.41.3 allows attacker to get information.
- CVE-2022-39892Nov 9, 2022risk 0.00cvss —epss 0.00
Improper access control in Samsung Pass prior to version 4.0.05.1 allows attackers to unauthenticated access via keep open feature.
- CVE-2022-39886Nov 9, 2022risk 0.00cvss —epss 0.00
Improper access control vulnerability in IpcRxServiceModeBigDataInfo in RIL prior to SMR Nov-2022 Release 1 allows local attacker to access Device information.
- CVE-2022-39881Nov 9, 2022risk 0.00cvss —epss 0.01
Improper input validation vulnerability for processing SIB12 PDU in Exynos modems prior to SMR Sep-2022 Release allows remote attacker to read out of bounds memory.
- CVE-2022-39887Nov 9, 2022risk 0.00cvss —epss 0.00
Improper access control vulnerability in clearAllGlobalProxy in MiscPolicy prior to SMR Nov-2022 Release 1 allows local attacker to configure EDM setting.
- CVE-2022-39885Nov 9, 2022risk 0.00cvss —epss 0.00
Improper access control vulnerability in BootCompletedReceiver_CMCC in DeviceManagement prior to SMR Nov-2022 Release 1 allows local attacker to access to Device information.
- CVE-2022-39883Nov 9, 2022risk 0.00cvss —epss 0.00
Improper authorization vulnerability in StorageManagerService prior to SMR Nov-2022 Release 1 allows local attacker to call privileged API.
- CVE-2022-39880Nov 9, 2022risk 0.00cvss —epss 0.00
Improper input validation vulnerability in DualOutFocusViewer prior to SMR Nov-2022 Release 1 allows local attacker to perform an arbitrary code execution.
- CVE-2022-39889Nov 9, 2022risk 0.00cvss —epss 0.00
Improper access control vulnerability in GalaxyWatch4Plugin prior to versions 2.2.11.22101351 and 2.2.12.22101351 allows attackers to access wearable device information.
- CVE-2022-39893Nov 9, 2022risk 0.00cvss —epss 0.00
Sensitive information exposure vulnerability in FmmBaseModel in Galaxy Buds Pro Manage prior to version 4.1.22092751 allows local attackers with log access permission to get device identifier data through device log.
- CVE-2022-39890Nov 9, 2022risk 0.00cvss —epss 0.00
Improper Authorization in Samsung Billing prior to version 5.0.56.0 allows attacker to get sensitive information.
- CVE-2022-39884Nov 9, 2022risk 0.00cvss —epss 0.00
Improper access control vulnerability in IImsService prior to SMR Nov-2022 Release 1 allows local attacker to access to Call information.
- CVE-2022-39879Nov 9, 2022risk 0.00cvss —epss 0.00
Improper authorization vulnerability in?CallBGProvider prior to SMR Nov-2022 Release 1 allows local attacker to grant permission for accessing information with phone uid.
- CVE-2022-32601Nov 8, 2022risk 0.00cvss —epss 0.00
In telephony, there is a possible permission bypass due to a parcel format mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07319132; Issue ID: ALPS07319132.
- CVE-2020-9285Oct 20, 2022risk 0.00cvss —epss 0.00
Some versions of Sonos One (1st and 2nd generation) allow partial or full memory access via attacker controlled hardware that can be attached to the Mini-PCI Express slot on the motherboard that hosts the WiFi card on the device.
- CVE-2022-39856Oct 7, 2022risk 0.00cvss —epss 0.00
Improper access control vulnerability in imsservice application prior to SMR Oct-2022 Release 1 allows local attackers to access call information.
- CVE-2022-39868Oct 7, 2022risk 0.00cvss —epss 0.00
Improper access control vulnerability in GedSamsungAccount.kt SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via implicit broadcast.
- CVE-2022-39852Oct 7, 2022risk 0.00cvss —epss 0.00
A heap-based overflow vulnerability in makeContactAGIF in libagifencoder.quram.so library prior to SMR Oct-2022 Release 1 allows attacker to perform code execution.
- CVE-2022-39866Oct 7, 2022risk 0.00cvss —epss 0.00
Improper access control vulnerability in RegisteredEventMediator.kt SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via implicit broadcast.
- CVE-2022-39864Oct 7, 2022risk 0.00cvss —epss 0.00
Improper access control vulnerability in WifiSetupLaunchHelper in SmartThings prior to version 1.7.89.25 allows attackers to access sensitive information via implicit intent.
- CVE-2022-39851Oct 7, 2022risk 0.00cvss —epss 0.00
Improper access control vulnerability in CocktailBarService prior to SMR Oct-2022 Release 1 allows local attacker to bind service that require BIND_REMOTEVIEWS permission.
Page 26 of 45