CVE-2022-23433

Published: Feb 11, 2022Modified: Nov 21, 2024

5.3

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Exploitability: 3.9 / Impact: 1.4

Source: NVD

Description

Improper access control vulnerability in Reminder prior to versions 12.3.01.3000 in Android S(12), 12.2.05.6000 in Android R(11) and 11.6.08.6000 in Andoid Q(10) allows attackers to register reminders or execute exporeted activities remotely.

Affected (3)

Products: Samsung: Reminder

Samsung

1 product

Reminder

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Samsung Reminder	Before 12.3.01.3000

Running on/with	Platform Versions
Google Android	Version 12.0

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Samsung Reminder	Before 12.2.05.6000

Running on/with	Platform Versions
Google Android	Version 11.0

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Samsung Reminder	Before 11.6.08.6000

Running on/with	Platform Versions
Google Android	Version 10.0

Related CWEs

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

References (2)

https://security.samsungmobile.com/serviceWeb.smsb?year=2022&month=2

Source: mobile.security@samsung.com

Vendor Advisory

https://security.samsungmobile.com/serviceWeb.smsb?year=2022&month=2

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.