CVE-2022-36870

Summary

Pending Intent hijacking vulnerability in MTransferNotificationManager in Samsung Pay prior to version 5.0.63 for KR and 5.1.47 for Global allows attackers to access files without permission via implicit Intent.

Affected Software

VendorProductVersion RangeStatus
Samsung MobileSamsung Payunspecified < 5.0.63 for KR and 5.1.47 for Globalaffected

Weaknesses

  • CWE-285: CWE-285 Improper Authorization

ADP Enrichment

CVE Program Container

Additional References

References