Samsung

Smartthings

17 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2025-2233

  • EPSS 0.04%
  • Published 11.03.2025 22:30:44
  • Last modified 08.08.2025 01:25:21

Samsung SmartThings Improper Verification of Cryptographic Signature Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Samsung SmartThings. Authentication i...

5.5

CVE-2024-49416

  • EPSS 0.03%
  • Published 03.12.2024 06:15:09
  • Last modified 17.07.2025 17:21:52

Use of implicit intent for sensitive communication in SmartThings prior to version 1.8.21 allows local attackers to get sensitive information.

7.5

CVE-2024-34596

  • EPSS 0.27%
  • Published 02.07.2024 10:15:08
  • Last modified 21.11.2024 09:19:02

Improper authentication in SmartThings prior to version 1.8.17 allows remote attackers to bypass the expiration date for members set by the owner.

3.3

CVE-2024-20852

  • EPSS 0.08%
  • Published 02.04.2024 03:15:10
  • Last modified 17.07.2025 17:11:58

Improper verification of intent by broadcast receiver vulnerability in SmartThings prior to version 1.8.13.22 allows local attackers to access testing configuration.

7.5

CVE-2022-39867

  • EPSS 0.21%
  • Published 07.10.2022 15:15:22
  • Last modified 21.11.2024 07:18:25

Improper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via SHOW_PERSISTENT_BANNER broadcast.

7.5

CVE-2022-39871

  • EPSS 0.15%
  • Published 07.10.2022 15:15:22
  • Last modified 21.11.2024 07:18:25

Improper access control vulnerability cloudNotificationManager.java in SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via implicit broadcasts.

7.5

CVE-2022-39870

  • EPSS 0.15%
  • Published 07.10.2022 15:15:22
  • Last modified 21.11.2024 07:18:25

Improper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via PUSH_MESSAGE_RECEIVED broadcast.

7.5

CVE-2022-39869

  • EPSS 0.15%
  • Published 07.10.2022 15:15:22
  • Last modified 21.11.2024 07:18:25

Improper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via REMOVE_PERSISTENT_BANNER broadcast.

7.5

CVE-2022-39868

  • EPSS 0.21%
  • Published 07.10.2022 15:15:22
  • Last modified 21.11.2024 07:18:25

Improper access control vulnerability in GedSamsungAccount.kt SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via implicit broadcast.

7.5

CVE-2022-39866

  • EPSS 0.21%
  • Published 07.10.2022 15:15:21
  • Last modified 21.11.2024 07:18:25

Improper access control vulnerability in RegisteredEventMediator.kt SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via implicit broadcast.