Lucene search

Samsung MobileCVELIST:CVE-2022-28779

HistoryApr 11, 2022 - 7:37 p.m.

CVE-2022-28779

2022-04-1119:37:45

CWE-427

Samsung Mobile

www.cve.org

samsung usb driver

windows installer

arbitrary code execution

uncontrolled search path

CVSS3

5.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:H

EPSS

Percentile

5.1%

JSON

Uncontrolled search path element vulnerability in Samsung Android USB Driver windows installer program prior to version 1.7.50 allows attacker to execute arbitrary code.

CNA Affected

[
  {
    "product": "Samsung Android USB Driver windows installer",
    "vendor": "Samsung Mobile",
    "versions": [
      {
        "lessThan": "1.7.50",
        "status": "affected",
        "version": "-",
        "versionType": "custom"
      }
    ]
  }
]

References

security.samsungmobile.com/serviceWeb.smsb?year=2022&month=4

CVSS3

5.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:H

EPSS

Percentile

5.1%

JSON

Related for CVELIST:CVE-2022-28779