Lucene search
Samsung MobileCVE-2022-36844HistorySep 09, 2022 - 3:15 p.m.
CVE-2022-36844
2022-09-0915:15:11
CWE-787
CWE-122
Samsung Mobile
web.nvd.nist.gov
26
4
cve-2022-36844
vulnerability
hwr
engjudgemodel
construct
libsdkrecognitiontext
spensdk
samsung
smr sep-2022 release 1
memory access fault
nvd
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
7.5
Confidence
High
EPSS
0
Percentile
12.6%
A heap-based overflow vulnerability in HWR::EngJudgeModel::Construct() in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault.
Affected configurations
Node
googleandroidMatch10.0
ORgoogleandroidMatch11.0
ORgoogleandroidMatch12.0
CNA Affected
[
{
"product": "Samsung Mobile Devices",
"vendor": "Samsung Mobile",
"versions": [
{
"lessThan": "SMR Sep-2022 Release 1",
"status": "affected",
"version": "Q(10), R(11), S(12)",
"versionType": "custom"
}
]
}
]Social References
More
Related
nvd
nvd
CVE-2022-36844
2022-09-09 15:15:11
prion
prion
Heap overflow
2022-09-09 15:15:00
cvelist
cvelist
CVE-2022-36844
2022-09-09 14:39:59
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
7.5
Confidence
High
EPSS
0
Percentile
12.6%
Related for CVE-2022-36844