CVE-2022-23434
Published Feb 11, 2022
Last updated 3 years ago
Overview
- Description
- A vulnerability using PendingIntent in Bixby Vision prior to versions 3.7.60.8 in Android S(12), 3.7.50.6 in Andorid R(11) and below allows attackers to execute privileged action by hijacking and modifying the intent.
- Source
- mobile.security@samsung.com
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 3.3
- Impact score
- 1.4
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
- Severity
- LOW
CVSS 2.0
- Type
- Primary
- Base score
- 2.1
- Impact score
- 2.9
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- NVD-CWE-noinfo
- mobile.security@samsung.com
- CWE-94
Configurations
[ { "nodes": [ { "negate": false, "cpeMatch": [ { "criteria": "cpe:2.3:a:samsung:bixby:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3BB48A53-E645-4E0F-819B-FFE22A9FDC5D", "versionEndExcluding": "3.7.50.6" } ], "operator": "OR" }, { "negate": false, "cpeMatch": [ { "criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64" } ], "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "negate": false, "cpeMatch": [ { "criteria": "cpe:2.3:a:samsung:bixby:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AF8ED854-4E43-48EC-9B5E-2327A76B56D4", "versionEndExcluding": "3.7.60.8" } ], "operator": "OR" }, { "negate": false, "cpeMatch": [ { "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C" } ], "operator": "OR" } ], "operator": "AND" } ]