Description
Improper validation of integrity check vulnerability in Samsung USB Driver Windows Installer for Mobile Phones prior to version 1.7.56.0 allows local attackers to delete arbitrary directory using directory junction.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
https://security.samsungmobile.com/serviceWeb.smsb?year==2022&month=07
Scores
CVSS v3
5.5
EPSS
0.0014
EPSS Percentile
3.3%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Details
CWE
CWE-354
Status
published
Products (1)
samsung/android_usb_driver
< 1.7.56.0
Published
Jul 12, 2022
Tracked Since
Feb 18, 2026