4.6

CVE-2022-44636

The Samsung TV (2021 and 2022 model) smart remote control allows attackers to enable microphone access via Bluetooth spoofing when a user is activating remote control by pressing a button. This is fixed in xxx72510, E9172511 for 2021 models, xxxA1000, 4x2A0200 for 2022 models.

Data is provided by the National Vulnerability Database (NVD)
SamsungT-oscpakuc Firmware Version-
   SamsungT-oscpakuc Version-
SamsungT-oscpdeuc Firmware Version-
   SamsungT-oscpdeuc Version-
SamsungT-oscpuabc Firmware Version-
   SamsungT-oscpuabc Version-
SamsungT-nkm2akuc Firmware Version-
   SamsungT-nkm2akuc Version-
SamsungT-nkm2deuc Firmware Version-
   SamsungT-nkm2deuc Version-
SamsungT-nkm2uabc Firmware Version-
   SamsungT-nkm2uabc Version-
SamsungT-nklakuc Firmware Version-
   SamsungT-nklakuc Version-
SamsungT-nkldeuc Firmware Version-
   SamsungT-nkldeuc Version-
SamsungT-nkluabc Firmware Version-
   SamsungT-nkluabc Version-
SamsungT-ksu2eakuc Firmware Version-
   SamsungT-ksu2eakuc Version-
SamsungT-ksu2edeuc Firmware Version-
   SamsungT-ksu2edeuc Version-
SamsungT-ksu2euab Firmware Version-
   SamsungT-ksu2euab Version-
SamsungT-ptmakuc Firmware Version-
   SamsungT-ptmakuc Version-
SamsungT-ptmdeuc Firmware Version-
   SamsungT-ptmdeuc Version-
SamsungT-ptmuabc Firmware Version-
   SamsungT-ptmuabc Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.13% 0.327
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 4.6 2.1 2.5
CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
134c704f-9b21-4f2e-91b3-4a467353bcc0 4.6 2.1 2.5
CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
CWE-290 Authentication Bypass by Spoofing

This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks.

https://samsung.com
Vendor Advisory