CVE-2022-36870 - CERT CVE
ID CVE-2022-36870
Sažetak Pending Intent hijacking vulnerability in MTransferNotificationManager in Samsung Pay prior to version 5.0.63 for KR and 5.1.47 for Global allows attackers to access files without permission via implicit Intent.
Reference
CVSS
Base: 6.5
Impact: 4.0
Exploitability:2.0
Pristup
VektorSloženostAutentikacija
LOCAL LOW -
Impact
PovjerljivostCjelovitostDostupnost
HIGH NONE NONE
CVSS vektor CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Zadnje važnije ažuriranje 01-10-2022 - 02:18
Objavljeno 09-09-2022 - 15:15