CVE-2022-22264

Summary

Improper sanitization of incoming intent in Dressroom prior to SMR Jan-2022 Release 1 allows local attackers to read and write arbitrary files without permission.

Affected Software

VendorProductVersion RangeStatus
Samsung MobileSamsung Mobile DevicesQ(10.0), R(11.0), S(12.0) < SMR Jan-2022 Release 1affected

Weaknesses

  • CWE-20: CWE-20: Improper Input Validation

ADP Enrichment

CVE Program Container

Additional References

References