CVE-2022-40757

EPSS 0.40% · P61 Updated Feb 26, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2022-40757

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

A Buffer Access with Incorrect Length Value vulnerablity in the TEE_MACComputeFinal function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_MACComputeFinal with an excessive size value of messageLen.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

SAMSUNG mTower 缓冲区错误漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

SAMSUNG mTower是韩国三星（SAMSUNG）公司的一种新的可信执行环境 (TEE)。 SAMSUNG mTower 0.3.0之前的版本存在安全漏洞，该漏洞源于其TEE_MACComputeFinal函数中具有错误长度值漏洞的缓冲区访问允许受信任的应用程序通过调用大小值为“messageLen”的函数TEE_MACComputeFinal来触发拒绝服务。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2022-40757

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2022-40757

请登录查看更多情报信息。

Same Patch Batch · n/a · 2022-09-16 · 63 CVEs total

CVE-2022-26959	10.0 CRITICAL	Northstar Club Management SQL注入漏洞
CVE-2022-38845		EspoCRM 跨站脚本漏洞
CVE-2022-36533		Syncovery 跨站脚本漏洞
CVE-2022-34002		Assura Personnel Data Systems Vista 7 路径遍历漏洞
CVE-2022-35415		National Instruments System Configuration Manager 输入验证错误漏洞
CVE-2022-36532		Bolt Financial Bolt CMS 安全漏洞
CVE-2020-23557		IrfanView 缓冲区错误漏洞
CVE-2020-23558		IrfanView 缓冲区错误漏洞
CVE-2020-23559		IrfanView 缓冲区错误漏洞
CVE-2020-23560		IrfanView 缓冲区错误漏洞
CVE-2022-38846		EspoCRM 安全漏洞
CVE-2020-23555		IrfanView 缓冲区错误漏洞
CVE-2022-38844		EspoCRM 安全漏洞
CVE-2022-38843		EspoCRM 代码问题漏洞
CVE-2022-38808		ywoa SQL注入漏洞
CVE-2022-38828		TOTOLINK T6 操作系统命令注入漏洞
CVE-2022-38827		TOTOLINK T6 命令注入漏洞
CVE-2022-38826		TOTOLINK T6 操作系统命令注入漏洞
CVE-2022-38823		TOTOLINK T6 信任管理问题漏洞
CVE-2022-38831		Tenda RX9 Pro 安全漏洞

Showing top 20 of 63 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2022-40757

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2022-40757

I. Basic Information for CVE-2022-40757

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2022-40757

III. Intelligence Information for CVE-2022-40757

Same Patch Batch · n/a · 2022-09-16 · 63 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2022-40757

Leave a comment