PT-2022-15337 · Samsung · Samsung Android

Published

2021-11-27

Updated

2022-04-08

CVE-2022-22292

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Telecom versions prior to SMR Feb-2022 Release 1

Description The issue concerns an unprotected dynamic receiver that allows untrusted applications to launch arbitrary activity. This could potentially be exploited to hack Samsung Android devices.

Recommendations For versions prior to SMR Feb-2022 Release 1, update to SMR Feb-2022 Release 1 or later to resolve the issue. As a temporary workaround, consider restricting access to untrusted applications to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-280

Related Identifiers

BDU:2022-04978

CVE-2022-22292

Affected Products

Samsung Android

PT-2022-15337 · Samsung · Samsung Android

CVE-2022-22292

Weakness Enumeration

Related Identifiers

Affected Products

References · 10