CVE-2022-33734

Name of the Vulnerable Software and Affected Versions Charm by Samsung versions prior to 1.2.3

Description The issue allows an attacker to obtain Bluetooth connection information without permission due to sensitive information exposure in the onCharacteristicChanged function.

Recommendations For versions prior to 1.2.3, update to version 1.2.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the onCharacteristicChanged function until a patch is available.