CVE-2022-36876

Summary

Improper authorization in UPI payment in Samsung Pass prior to version 4.0.04.10 allows physical attackers to access account list without authentication.

Affected Software

VendorProductVersion RangeStatus
Samsung MobileSamsung Passunspecified < 4.0.04.10affected

Weaknesses

  • CWE-285: CWE-285 Improper Authorization

ADP Enrichment

CVE Program Container

Additional References

References