7.8
CVE-2022-28779
- EPSS 0.07%
- Veröffentlicht 11.04.2022 20:15:23
- Zuletzt bearbeitet 21.11.2024 06:57:55
- Quelle mobile.security@samsung.com
- Teams Watchlist Login
- Unerledigt Login
Uncontrolled search path element vulnerability in Samsung Android USB Driver windows installer program prior to version 1.7.50 allows attacker to execute arbitrary code.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Samsung ≫ Android Usb Driver Windows Installer Version < 1.7.50
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.07% | 0.205 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 4.6 | 3.9 | 6.4 |
AV:L/AC:L/Au:N/C:P/I:P/A:P
|
| mobile.security@samsung.com | 5.3 | 0.6 | 4.7 |
CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:H
|
CWE-427 Uncontrolled Search Path Element
The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.