CVE-2022-36857 LOW

CVE-2022-36857

Vendor Samsung Mobile
Product Samsung Mobile Devices
Weakness CWE-285
Published September 9, 2022
Last update August 3, 2024
View on NVD All CVEs

CVSS base score

1.9/10
Attack vector Physical
Attack complexity Low
Privileges required Low
User interaction Required
Confidentiality Low
Integrity None

CVSS vector

CVSS:3.1/AV:P/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N

What the vulnerability does

01Description

Improper Authorization vulnerability in Photo Editor prior to SMR Sep-2022 Release 1 allows physical attackers to read internal application data.

Key dates

02Disclosure timeline

September 9, 2022 CVE published
August 3, 2024 Record updated

Related vulnerabilities

04Related CVE

CVE-2026-10282 Bottelet DaybydayCRM DocumentsController.php view improper authorization CVE-2025-30392 Azure AI Bot Elevation of Privilege Vulnerability CVE-2024-11768 Download manager <= 3.3.03 - Improper Authorization to Unauthenticated Download of Password-Protected Files CVE-2026-10580 Hippoo Mobile App for WooCommerce <= 1.9.4 - Unauthenticated Authentication Bypass to Administrator Account Takeover via REST API CVE-2026-2141 WuKongOpenSource WukongCRM URL PermissionServiceImpl.java improper authorization