CVE-2022-36871
5
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:L
Summary
Pending Intent hijacking vulnerability in NotiCenterUtils in Samsung Pay prior to version 5.0.63 for KR and 5.1.47 for Global allows attackers to access files without permission via implicit Intent.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Samsung Mobile | Samsung Pay | unspecified < 5.0.63 for KR and 5.1.47 for Global | affected |
Weaknesses
- CWE-285: CWE-285 Improper Authorization
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.