CVE-2022-28779

MEDIUM

Samsung Android USB Driver <1.7.50 - Code Injection

Title source: llm

Description

Uncontrolled search path element vulnerability in Samsung Android USB Driver windows installer program prior to version 1.7.50 allows attacker to execute arbitrary code.

References (1)

[Third Party Advisory] https://security.samsungmobile.com/serviceWeb.smsb?year=2022&month=4

Scores

CVSS v3 5.3

EPSS 0.0006

EPSS Percentile 19.9%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:H

Classification

CWE

CWE-427

Status published

Affected Products (1)

samsung/android_usb_driver_windows_installer < 1.7.50

Timeline

Published Apr 11, 2022

Tracked Since Feb 18, 2026