CVE-2022-36840
MEDIUMSamsung Update < 2.2.9.50 - Uncontrolled Search Path
Title source: ruleDescription
DLL hijacking vulnerability in Samsung Update Setup prior to version 2.2.9.50 allows attackers to execute arbitrary code.
Scores
CVSS v3
4.5
EPSS
0.0006
EPSS Percentile
18.7%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
Classification
CWE
CWE-427
Status
published
Affected Products (1)
samsung/update
< 2.2.9.50
Timeline
Published
Aug 05, 2022
Tracked Since
Feb 18, 2026