CVE-2022-39877

Summary

Improper access control vulnerability in ProfileSharingAccount in Group Sharing prior to versions 13.0.6.15 in Android S(12), 13.0.6.14 in Android R(11) and below allows attackers to identify the device.

Affected Software

VendorProductVersion RangeStatus
Samsung MobileGroup Sharingunspecified < 13.0.6.15 in Android S(12), 13.0.6.14 in Android R(11) and belowaffected

Weaknesses

  • CWE-284: CWE-284 Improper Access Control

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References