CVE-2022-39893

EUVD-2022-42338
Sensitive information exposure vulnerability in FmmBaseModel in Galaxy Buds Pro Manage prior to version 4.1.22092751 allows local attackers with log access permission to get device identifier data through device log.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
3.3 LOW
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Samsung MobileCNA
3.3 LOW
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 19%
Affected Products (NVD)
VendorProductVersion
samsunggalaxy_buds_pro_manage
𝑥
< 4.1.22092751
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://security.samsungmobile.com/serviceWeb.smsb?year=2022&month=11
https://security.samsungmobile.com/serviceWeb.smsb?year=2022&month=11