CVE-2022-23998: Input Validation
First published: Fri Feb 11 2022(Updated: )
Improper access control vulnerability in Camera prior to versions 11.1.02.16 in Android R(11), 10.5.03.77 in Android Q(10) and 9.0.6.68 in Android P(9) allows untrusted applications to take a picture in screenlock status.
Credit: mobile.security@samsung.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Samsung Camera | <11.1.02.16 | |
| Google Android | =11.0 | |
| Samsung Camera | <10.5.03.77 | |
| Google Android | =10.0 | |
| Samsung Camera | <9.0.6.68 | |
| Google Android | =9.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2022-23998.
What is the severity of CVE-2022-23998?
CVE-2022-23998 has a severity rating of medium (5.5).
Which software versions are affected by CVE-2022-23998?
The affected software versions are: Samsung Camera prior to version 11.1.02.16 in Android R(11), 10.5.03.77 in Android Q(10), and 9.0.6.68 in Android P(9).
What is the vulnerability description of CVE-2022-23998?
CVE-2022-23998 is an improper access control vulnerability in Camera that allows untrusted applications to take a picture in screenlock status.
Is Google Android vulnerable to CVE-2022-23998?
No, Google Android is not vulnerable to CVE-2022-23998.
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/type
- agent/event
- agent/description
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/mitre-cve
- source/MITRE
- vendor/samsung
- canonical/samsung camera
- vendor/google
- canonical/google android
- version/google android/11.0
- version/google android/10.0
- version/google android/9.0