Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-39862

Improper authorization in Dynamic Lockscreen prior to SMR Sep-2022 Release 1 in Android R(11) and 3.3.03.66 in Android S(12) allows unauthorized use of javascript interface api.

Published

2022-10-07T15:15:21.290

Last Modified

2024-11-21T07:18:24.850

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 5.3 (MEDIUM)

Weaknesses

Type: Secondary
CWE-285
Type: Primary
NVD-CWE-Other

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	samsung	dynamic_lockscreen	< 3.3.03.66	Yes
Operating System	google	android	11.0	No
Operating System	google	android	12.0	No

References

https://security.samsungmobile.com/serviceWeb.smsb?year=2022&month=10 Vendor Advisory ([email protected])
https://security.samsungmobile.com/serviceWeb.smsb?year=2022&month=10 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)