Zraxx

**Name of the Vulnerable Software and Affected Versions** SoftSim TA versions prior to SMR Mar-2023 Release 1 **Description** The issue is related to improper input validation, which allows local attackers to access protected data. **Recommendations** For versions prior to SMR Mar-2023 Release 1, update to SMR Mar-2023 Release 1 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** GalaxyWatch4Plugin versions prior to 2.2.11.22101351 and 2.2.12.22101351 **Description** The issue is related to improper access control, allowing attackers to access wearable device information. **Recommendations** For versions prior to 2.2.11.22101351, update to version 2.2.11.22101351 or later. For versions prior to 2.2.12.22101351, update to version 2.2.12.22101351 or later.

**Name of the Vulnerable Software and Affected Versions** Editor Lite versions prior to 4.0.41.3 **Description** A heap overflow vulnerability exists in the `parse pce` function in `libsavsaudio.so` of Editor Lite. This issue allows an attacker to obtain information. **Recommendations** For versions prior to 4.0.41.3, update to version 4.0.41.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the `libsavsaudio.so` library until a patch is applied.

**Name of the Vulnerable Software and Affected Versions** Samsung Pass versions prior to 4.0.05.1 **Description** The issue is related to improper access control, allowing attackers to gain unauthenticated access through the keep open feature. **Recommendations** For versions prior to 4.0.05.1, update to version 4.0.05.1 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Galaxy Buds Pro Manage versions prior to 4.1.22092751 **Description** The issue allows local attackers with log access permission to obtain device identifier data through device logs. This is due to a sensitive information exposure vulnerability in FmmBaseModel. **Recommendations** For versions prior to 4.1.22092751, update to version 4.1.22092751 or later to resolve the issue. As a temporary workaround, consider restricting log access permission to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** libSDKRecognitionText.spensdk.samsung.so versions prior to SMR Sep-2022 Release 1 **Description** A heap-based overflow issue in the MHW RECOG LIB INFO function allows an attacker to cause a memory access fault. **Recommendations** For versions prior to SMR Sep-2022 Release 1, as a temporary workaround, consider disabling the MHW RECOG LIB INFO function until a patch is available.