CVE-2022-28793
CVE-2022-28793
Vexday Risk Score
13Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 4.4EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
03 may 2022Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
Given the TEE is compromised and controlled by the attacker, improper state maintenance in StrongBox allows attackers to change Android ROT during device boot cycle after compromising TEE. The patch is applied in Galaxy S22 to prevent change of Android ROT after first initialization at boot time.
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
Productos afectados
Samsung Mobile · Samsung Mobile Devices¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →