CVE-2022-44636
MEDIUMSamsung TV 2021-2022 Models - Authentication Bypass via Bluetooth Spoofing
Title source: llmDescription
The Samsung TV (2021 and 2022 model) smart remote control allows attackers to enable microphone access via Bluetooth spoofing when a user is activating remote control by pressing a button. This is fixed in xxx72510, E9172511 for 2021 models, xxxA1000, 4x2A0200 for 2022 models.
References (2)
Core 2
Core References
Vendor Advisory
https://samsung.com
Vendor Advisory
https://samsungtvbounty.com/securityUpdates
Scores
CVSS v3
4.6
EPSS
0.0007
EPSS Percentile
22.2%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-290
Status
published
Products (15)
samsung/t-ksu2eakuc_firmware
samsung/t-ksu2edeuc_firmware
samsung/t-ksu2euab_firmware
samsung/t-nklakuc_firmware
samsung/t-nkldeuc_firmware
samsung/t-nkluabc_firmware
samsung/t-nkm2akuc_firmware
samsung/t-nkm2deuc_firmware
samsung/t-nkm2uabc_firmware
samsung/t-oscpakuc_firmware
... and 5 more
Published
Dec 13, 2022
Tracked Since
Feb 18, 2026