← back
CVE-2022-28778

CVE-2022-28778

CVSS 4.4 MEDIUMEPSS 0.2%CWE-284
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 4.4EPSS 0.2%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
11 Apr 2022Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Improper access control vulnerability in Samsung Security Supporter prior to version 1.2.40.0 allows attacker to set the arbitrary folder as Secret Folder without Samsung Security Supporter permission
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Affected products
Samsung Mobile · Samsung Security Supporter

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://security.samsungmobile.com/serviceWeb.smsb?year=2022&month=4