{"vulnerability": "CVE-2022-3988", "sightings": [{"uuid": "804f0ab9-8b70-4f36-b02a-b5aff6813f9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-39881", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14397", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-39881\n\ud83d\udd25 CVSS Score: 5.3 (cvssV3_1, Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\ud83d\udd39 Description: Improper input validation vulnerability for processing SIB12 PDU in Exynos modems prior to SMR Sep-2022 Release allows remote attacker to read out of bounds memory.\n\ud83d\udccf Published: 2022-11-09T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-01T19:34:22.405Z\n\ud83d\udd17 References:\n1. https://security.samsungmobile.com/securityUpdate.smsb?year=2022&amp;month=11", "creation_timestamp": "2025-05-01T20:16:00.000000Z"}, {"uuid": "04af7a48-8ed1-47f0-a6b9-b28dd694c9fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-39880", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14396", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-39880\n\ud83d\udd25 CVSS Score: 7.1 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H)\n\ud83d\udd39 Description: Improper input validation vulnerability in DualOutFocusViewer prior to SMR Nov-2022 Release 1 allows local attacker to perform an arbitrary code execution.\n\ud83d\udccf Published: 2022-11-09T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-01T19:34:47.561Z\n\ud83d\udd17 References:\n1. https://security.samsungmobile.com/securityUpdate.smsb?year=2022&amp;month=11", "creation_timestamp": "2025-05-01T20:15:59.000000Z"}, {"uuid": "41f88b90-9490-4a00-86dd-df768edfe3a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-39884", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14324", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-39884\n\ud83d\udd25 CVSS Score: 4.3 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N)\n\ud83d\udd39 Description: Improper access control vulnerability in IImsService prior to SMR Nov-2022 Release 1 allows local attacker to access to Call information.\n\ud83d\udccf Published: 2022-11-09T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-01T15:53:51.563Z\n\ud83d\udd17 References:\n1. https://security.samsungmobile.com/securityUpdate.smsb?year=2022&amp;month=11", "creation_timestamp": "2025-05-01T16:14:37.000000Z"}, {"uuid": "e642ef11-a455-4569-aabc-a424b92ec294", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-39886", "type": "seen", "source": "https://t.me/cibsecurity/52779", "content": "\u203c CVE-2022-39886 \u203c\n\nImproper access control vulnerability in IpcRxServiceModeBigDataInfo in RIL prior to SMR Nov-2022 Release 1 allows local attacker to access Device information.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-10T00:49:24.000000Z"}, {"uuid": "284afff9-a11f-4a96-93b3-72e3f6072c1e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-39884", "type": "seen", "source": "https://t.me/cibsecurity/52760", "content": "\u203c CVE-2022-39884 \u203c\n\nImproper access control vulnerability in IImsService prior to SMR Nov-2022 Release 1 allows local attacker to access to Call information.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-10T00:42:46.000000Z"}, {"uuid": "06e76e79-e057-4e0f-aa86-b192462faeeb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-39881", "type": "seen", "source": "https://t.me/cibsecurity/52759", "content": "\u203c CVE-2022-39881 \u203c\n\nImproper input validation vulnerability for processing SIB12 PDU in Exynos modems prior to SMR Sep-2022 Release allows remote attacker to read out of bounds memory.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-10T00:42:41.000000Z"}, {"uuid": "e5bf04de-14fc-4355-90f0-e29cbf8ddecb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-39887", "type": "seen", "source": "https://t.me/cibsecurity/52781", "content": "\u203c CVE-2022-39887 \u203c\n\nImproper access control vulnerability in clearAllGlobalProxy in MiscPolicy prior to SMR Nov-2022 Release 1 allows local attacker to configure EDM setting.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-10T00:49:29.000000Z"}, {"uuid": "5398d405-126a-49c3-a2e9-5fb4fdecd781", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-39885", "type": "seen", "source": "https://t.me/cibsecurity/52745", "content": "\u203c CVE-2022-39885 \u203c\n\nImproper access control vulnerability in BootCompletedReceiver_CMCC in DeviceManagement prior to SMR Nov-2022 Release 1 allows local attacker to access to Device information.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-10T00:42:22.000000Z"}, {"uuid": "d16e2d77-9b99-441c-9a8d-7bedfa3f7cc8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-39883", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14400", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-39883\n\ud83d\udd25 CVSS Score: 4 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\ud83d\udd39 Description: Improper authorization vulnerability in StorageManagerService prior to SMR Nov-2022 Release 1 allows local attacker to call privileged API.\n\ud83d\udccf Published: 2022-11-09T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-01T19:32:32.344Z\n\ud83d\udd17 References:\n1. https://security.samsungmobile.com/securityUpdate.smsb?year=2022&amp;month=11", "creation_timestamp": "2025-05-01T20:16:06.000000Z"}, {"uuid": "b7d35eb7-0cea-4c45-8e1f-7aea03e524e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-39887", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14402", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-39887\n\ud83d\udd25 CVSS Score: 4.3 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N)\n\ud83d\udd39 Description: Improper access control vulnerability in clearAllGlobalProxy in MiscPolicy prior to SMR Nov-2022 Release 1 allows local attacker to configure EDM setting.\n\ud83d\udccf Published: 2022-11-09T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-01T19:31:41.053Z\n\ud83d\udd17 References:\n1. https://security.samsungmobile.com/securityUpdate.smsb?year=2022&amp;month=11", "creation_timestamp": "2025-05-01T20:16:08.000000Z"}, {"uuid": "9304ea51-8af5-4a05-bf57-b094b95afb74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-39886", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14401", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-39886\n\ud83d\udd25 CVSS Score: 5.9 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper access control vulnerability in IpcRxServiceModeBigDataInfo in RIL prior to SMR Nov-2022 Release 1 allows local attacker to access Device information.\n\ud83d\udccf Published: 2022-11-09T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-01T19:32:09.665Z\n\ud83d\udd17 References:\n1. https://security.samsungmobile.com/securityUpdate.smsb?year=2022&amp;month=11", "creation_timestamp": "2025-05-01T20:16:07.000000Z"}, {"uuid": "a2efbce0-7a62-45ff-bb7f-5a269837be08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-39882", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14398", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-39882\n\ud83d\udd25 CVSS Score: 8 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L)\n\ud83d\udd39 Description: Heap overflow vulnerability in sflacf_fal_bytes_peek function in libsmat.so library prior to SMR Nov-2022 Release 1 allows local attacker to execute arbitrary code.\n\ud83d\udccf Published: 2022-11-09T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-01T19:33:14.377Z\n\ud83d\udd17 References:\n1. https://security.samsungmobile.com/securityUpdate.smsb?year=2022&amp;month=11", "creation_timestamp": "2025-05-01T20:16:04.000000Z"}]}