CVE-2022-22284 MEDIUM

CVE-2022-22284

Vendor Samsung Mobile
Product Samsung Internet
Weakness CWE-287 · Improper authentication
Published January 7, 2022
Last update August 3, 2024

CVSS base score

5.7/10
Attack vector Local
Attack complexity High
Privileges required None
User interaction None
Confidentiality Low
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N

What the vulnerability does

01Description

Improper authentication vulnerability in Samsung Internet prior to 16.0.2.19 allows attackers to bypass secret mode password authentication

Key dates

02Disclosure timeline

January 7, 2022 CVE published
August 3, 2024 Record updated