Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2022-24931

CVSS 7.9 · High EPSS 0.01% · P3
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2022-24931

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Improper access control vulnerability in dynamic receiver in ApkInstaller prior to SMR MAR-2022 Release allows unauthorized attackers to execute arbitrary activity without a proper permission
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L
Source: NVD (National Vulnerability Database)
Vulnerability Type
特权管理不恰当
Source: NVD (National Vulnerability Database)
Vulnerability Title
Samsung ApkInstaller 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Samsung ApkInstaller是韩国三星(Samsung)公司的一个工具。用于从 Android 存储卡安装 Apk 文件。 Samsung ApkInstaller 中的动态接收器存在安全漏洞,该漏洞允许未经授权的攻击者在未经适当许可的情况下执行任意操作。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
Samsung MobileSamsung Mobile Devices Q(10), R(11) ~ SMR Mar-2022 Release 1 -

II. Public POCs for CVE-2022-24931

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2022-24931

登录查看更多情报信息。

Same Patch Batch · Samsung Mobile · 2022-03-08 · 22 CVEs total

CVE-2022-258186.5 MEDIUMUWB stack 缓冲区错误漏洞
CVE-2022-258256.2 MEDIUMSamsung Account 授权问题漏洞
CVE-2022-249285.9 MEDIUMSamsung RKP 安全漏洞
CVE-2022-258145.5 MEDIUMWearable Manager Installer 安全漏洞
CVE-2022-258155.5 MEDIUMSamsung Weather application 安全漏洞
CVE-2022-258195.3 MEDIUMSamsung hdcp2缓冲区错误漏洞
CVE-2022-249304.4 MEDIUMSAMSUNG Wear Os 安全漏洞
CVE-2022-249324.2 MEDIUMSamsung Setup wizard process安全漏洞
CVE-2022-258204.2 MEDIUMSamsung fingerprint matching algorithm 安全漏洞
CVE-2022-249294.1 MEDIUMSamsung AppLock 安全漏洞
CVE-2022-258164.1 MEDIUMSamsung Lock and mask apps setting 授权问题漏洞
CVE-2022-258174.0 MEDIUMSAMSUNG One UI Home 安全漏洞
CVE-2022-258224.0 MEDIUMSamsung sdp driver 资源管理错误漏洞
CVE-2022-258244.0 MEDIUMSamsung Bixby Touch安全漏洞
CVE-2022-258213.3 LOWSamsung Shannon缓冲区错误漏洞
CVE-2022-258231.9 LOWSamsung Galaxy Watch Plugin 日志信息泄露漏洞
CVE-2022-258261.9 LOWSamsung Galaxy S3 Plugin 日志信息泄露漏洞
CVE-2022-258271.9 LOWSAMSUNG Watch Active Plugin 日志信息泄露漏洞
CVE-2022-258281.9 LOWSAMSUNG Watch Active Plugin 日志信息泄露漏洞
CVE-2022-258291.9 LOWSAMSUNG Watch Active2 Plugin 日志信息泄露漏洞

Showing top 20 of 22 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: Samsung Mobile Devices
Same vendor: Samsung Mobile
Same weakness: CWE-269

V. Comments for CVE-2022-24931

No comments yet

Leave a comment