CVE-2022-24930

Summary

An Improper access control vulnerability in StRetailModeReceiver in Wear OS 3.0 prior to Firmware update MAR-2022 Release allows untrusted applications to reset default app settings without a proper permission

Affected Software

VendorProductVersion RangeStatus
Samsung MobileSamsung Wearable DevicesWear OS 3.0 < Firmware update Mar-2022 Releaseaffected

Weaknesses

  • CWE-284: CWE-284: Improper Access Control

ADP Enrichment

CVE Program Container

Additional References

References