CVE-2022-30749
First published: Tue Jun 07 2022(Updated: )
Improper access control vulnerability in Smart Things prior to 1.7.85.25 allows local attackers to add arbitrary smart devices by bypassing login activity.
Credit: mobile.security@samsung.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Samsung Smartthings | <1.7.85.25 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2022-30749?
The severity of CVE-2022-30749 is rated as high with a CVSS score of 7.8.
How can I mitigate the improper access control vulnerability in Smart Things prior to 1.7.85.25?
To mitigate the vulnerability, update Smart Things to version 1.7.85.25 or later to prevent local attackers from adding arbitrary smart devices.
- collector/nvd-index
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/severity
- agent/weakness
- agent/author
- agent/references
- agent/softwarecombine
- agent/type
- agent/first-publish-date
- agent/event
- agent/description
- agent/tags
- vendor/samsung
- canonical/samsung smartthings