CVE-2022-28794 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	2.2 LOW	LOCAL	HIGH	LOW	CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N
Samsung Mobile	CNA	2.2 LOW	LOCAL	HIGH	LOW	CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 2%

Vendor	Product	Version
google	android	10.0
google	android	11.0
google	android	12.0

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-213 - Exposure of Sensitive Information Due to Incompatible Policies
The product's intended functionality exposes information to certain actors in accordance with the developer's security policy, but this information is regarded as sensitive according to the intended security policies of other stakeholders such as the product's administrator, users, or others whose information is being processed.
CWE-668 - Exposure of Resource to Wrong Sphere
The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.

References

https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=6

https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=6