Mart1N

**Name of the Vulnerable Software and Affected Versions** SoftSim TA versions prior to SMR Mar-2023 Release 1 **Description** The issue is related to improper input validation, which allows local attackers to access protected data. **Recommendations** For versions prior to SMR Mar-2023 Release 1, update to SMR Mar-2023 Release 1 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** GalaxyWatch4Plugin versions prior to 2.2.11.22101351 and 2.2.12.22101351 **Description** The issue is related to improper access control, allowing attackers to access wearable device information. **Recommendations** For versions prior to 2.2.11.22101351, update to version 2.2.11.22101351 or later. For versions prior to 2.2.12.22101351, update to version 2.2.12.22101351 or later.

**Name of the Vulnerable Software and Affected Versions** Editor Lite versions prior to 4.0.41.3 **Description** A heap overflow vulnerability exists in the `parse pce` function in `libsavsaudio.so` of Editor Lite. This issue allows an attacker to obtain information. **Recommendations** For versions prior to 4.0.41.3, update to version 4.0.41.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the `libsavsaudio.so` library until a patch is applied.

**Name of the Vulnerable Software and Affected Versions** Samsung Pass versions prior to 4.0.05.1 **Description** The issue is related to improper access control, allowing attackers to gain unauthenticated access through the keep open feature. **Recommendations** For versions prior to 4.0.05.1, update to version 4.0.05.1 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Galaxy Buds Pro Manage versions prior to 4.1.22092751 **Description** The issue allows local attackers with log access permission to obtain device identifier data through device logs. This is due to a sensitive information exposure vulnerability in FmmBaseModel. **Recommendations** For versions prior to 4.1.22092751, update to version 4.1.22092751 or later to resolve the issue. As a temporary workaround, consider restricting log access permission to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** libSDKRecognitionText.spensdk.samsung.so library (affected versions not specified) **Description** A heap-based overflow vulnerability in the `LoadEnvironment` function allows an attacker to cause a memory access fault. The issue is present in versions prior to the SMR Sep-2022 Release 1. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** libSDKRecognitionText.spensdk.samsung.so library (affected versions not specified) **Description** A heap-based overflow vulnerability in the `PrepareRecogLibrary Part` function allows an attacker to cause a memory access fault. The issue is present in versions prior to the SMR Sep-2022 Release 1. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** libSDKRecognitionText.spensdk.samsung.so library versions prior to SMR Sep-2022 Release 1 **Description** A heap-based overflow vulnerability in the `GetCorrectDbLanguageTypeEsPKc` function allows an attacker to cause a memory access fault. **Recommendations** For versions prior to SMR Sep-2022 Release 1, as a temporary workaround, consider disabling the `GetCorrectDbLanguageTypeEsPKc` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** libSDKRecognitionText.spensdk.samsung.so library (affected versions not specified) **Description** A heap-based overflow issue in the `prepareRecogLibrary` function allows an attacker to cause a memory access fault. The estimated number of potentially affected devices and details about real-world incidents are not provided. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** libSDKRecognitionText.spensdk.samsung.so library (affected versions not specified) **Description** A heap-based overflow issue in the `MHW RECOG LIB INFO` function allows an attacker to cause a memory access fault. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** libSDKRecognitionText.spensdk.samsung.so versions prior to SMR Sep-2022 Release 1 **Description** A heap-based overflow issue in the MHW RECOG LIB INFO function allows an attacker to cause a memory access fault. **Recommendations** For versions prior to SMR Sep-2022 Release 1, as a temporary workaround, consider disabling the MHW RECOG LIB INFO function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** libSDKRecognitionText.spensdk.samsung.so versions prior to SMR Sep-2022 Release 1 **Description** A heap-based overflow issue in the ConstructDictionary function allows an attacker to cause a memory access fault. **Recommendations** For versions prior to SMR Sep-2022 Release 1, update to a version that includes the SMR Sep-2022 Release 1 or later to resolve the issue.