CVE-2022-36872 - CERT CVE
ID CVE-2022-36872
Sažetak Pending Intent hijacking vulnerability in SpayNotification in Samsung Pay prior to version 5.0.63 for KR and 5.1.47 for Global allows attackers to access files without permission via implicit Intent.
Reference
CVSS
Base: 6.5
Impact: 4.0
Exploitability:2.0
Pristup
VektorSloženostAutentikacija
LOCAL LOW -
Impact
PovjerljivostCjelovitostDostupnost
HIGH NONE NONE
CVSS vektor CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Zadnje važnije ažuriranje 01-10-2022 - 02:16
Objavljeno 09-09-2022 - 15:15