CVE-2022-23433

CVSS 4.3 MEDIUMEPSS 0.6%CWE-284

Vexday Risk Score

13Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 4.3EPSS 0.6%KEV nãoPoC —Patch —

Lifecycle

11 Feb 2022Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

Improper access control vulnerability in Reminder prior to versions 12.3.01.3000 in Android S(12), 12.2.05.6000 in Android R(11) and 11.6.08.6000 in Andoid Q(10) allows attackers to register reminders or execute exporeted activities remotely.

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Affected products

Samsung Mobile · Reminder

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://security.samsungmobile.com/serviceWeb.smsb?year=2022&month=2