CVE-2022-30754

Description

Implicit Intent hijacking vulnerability in AppLinker prior to SMR Jul-2022 Release 1 allow allows attackers to launch certain activities with privilege of AppLinker.

CVSS breakdown

CVSS 3.1

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Changed

Confidentiality

High

Integrity

Low

Availability

Low

Affected products

Samsung Mobile / Samsung Mobile DevicesQ(10), R(11), S(12) – SMR Jul-2022 Release 1

References

MISChttps://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=7