CVE-2022-39893
First published: Wed Nov 09 2022(Updated: )
Sensitive information exposure vulnerability in FmmBaseModel in Galaxy Buds Pro Manage prior to version 4.1.22092751 allows local attackers with log access permission to get device identifier data through device log.
Credit: mobile.security@samsung.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Samsung Galaxy Buds Pro Manage | <4.1.22092751 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2022-39893?
CVE-2022-39893 is rated as a medium severity vulnerability.
How do I fix CVE-2022-39893?
To fix CVE-2022-39893, update the Galaxy Buds Pro Manage app to version 4.1.22092751 or later.
What type of data is exposed in CVE-2022-39893?
CVE-2022-39893 exposes device identifier data to local attackers with log access permissions.
Who is affected by CVE-2022-39893?
Users of Samsung Galaxy Buds Pro Manage prior to version 4.1.22092751 are affected by CVE-2022-39893.
Is remote exploitation possible with CVE-2022-39893?
No, CVE-2022-39893 requires local access to exploit the sensitive information exposure.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/last-modified-date
- agent/author
- agent/references
- agent/first-publish-date
- agent/description
- agent/tags
- agent/event
- agent/source
- vendor/samsung
- canonical/samsung galaxy buds pro manage