CVE-2022-39909

Summary

Insufficient verification of data authenticity vulnerability in Samsung Gear IconX PC Manager prior to version 2.1.221019.51 allows local attackers to create arbitrary file using symbolic link.

Affected Software

VendorProductVersion RangeStatus
Samsung MobileSamsung Gear IconX PC Managerunspecified < 2.1.221019.51affected

Weaknesses

  • CWE-345: CWE-345: Insufficient Verification of Data Authenticity

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References