CVE-2022-33712

Published Jul 12, 2022

Last updated 2 years ago

CVSS medium 5.3

Overview

Description: Intent redirection vulnerability using implict intent in Camera prior to versions 12.0.01.64 ,12.0.3.23, 12.0.0.98, 12.0.6.11, 12.0.3.19 in Android S(12) allows attacker to get sensitive information.
Source: mobile.security@samsung.com
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 5.3
Impact score: 1.4
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Severity: MEDIUM

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:N/A:N

Weaknesses

nvd@nist.gov: CWE-601
mobile.security@samsung.com: CWE-285

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:samsung:camera:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5406FBBC-CDBD-45ED-8744-AC1F14EE266B",
            "versionEndExcluding": "12.0.0.98"
          },
          {
            "criteria": "cpe:2.3:a:samsung:camera:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "001304A1-C83D-4913-8832-A82FA0E3C20D",
            "versionEndExcluding": "12.0.01.64",
            "versionStartExcluding": "12.0.01.0"
          },
          {
            "criteria": "cpe:2.3:a:samsung:camera:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "67B0C844-DDE7-4082-AB13-2FB8EA91384F",
            "versionEndExcluding": "12.0.3.19",
            "versionStartExcluding": "12.0.3.0"
          },
          {
            "criteria": "cpe:2.3:a:samsung:camera:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2FE48B3B-1747-4F40-8622-8A9D3180B700",
            "versionEndExcluding": "12.0.3.23",
            "versionStartExcluding": "12.0.3.19"
          },
          {
            "criteria": "cpe:2.3:a:samsung:camera:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9A5C8D91-643C-40B2-9C05-1F3DE05B25CF",
            "versionEndExcluding": "12.0.6.11",
            "versionStartExcluding": "12.0.6.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References