PT-2022-3435 · Samsung · Galaxy Store

Ken Gannon · Published 2022-04-11 · Updated 2023-06-28 · CVE-2022-28776

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Galaxy Store versions prior to 4.5.36.4

Description

The issue is related to improper access control in the Galaxy Store, allowing an attacker to install applications without user interaction. This can be exploited by manipulating the intent received by the Galaxy App Store, forcing it to automatically install other applications onto the victim's device without consent.

Recommendations

For Galaxy Store versions prior to 4.5.36.4, update to version 4.5.36.4 or later to resolve the issue. As a temporary workaround, consider restricting access to the Galaxy Store until the update is applied.

Fix

Weakness Enumeration

Incorrect Authorization
Improper Authorization

Related Identifiers

BDU:2022-04213
CVE-2022-28776

Affected Products

Galaxy Store