CVE-2022-39915

LOW

Samsung Calendar < 11.6.08.0 - Improper Access Control via Implicit Intent

Title source: llm
STIX 2.1

Description

Improper access control vulnerability in Calendar prior to versions 11.6.08.0 in Android Q(10), 12.2.11.3000 in Android R(11), 12.3.07.2000 in Android S(12), and 12.4.02.0 in Android T(13) allows attackers to access sensitive information via implicit intent.

References (1)

Core 1

Scores

CVSS v3 3.3
EPSS 0.0011
EPSS Percentile 29.6%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-284
Status published
Products (1)
samsung/calendar < 11.6.08.0
Published Dec 08, 2022
Tracked Since Feb 18, 2026