Show filters
19 Total Results
Displaying 1-10 of 19
Sort by:
Attacker Value
Unknown

CVE-2024-49416

Disclosure Date: December 03, 2024 (last updated December 21, 2024)
Use of implicit intent for sensitive communication in SmartThings prior to version 1.8.21 allows local attackers to get sensitive information.
0
0
Attacker Value
Unknown

CVE-2024-34596

Disclosure Date: July 02, 2024 (last updated July 03, 2024)
Improper authentication in SmartThings prior to version 1.8.17 allows remote attackers to bypass the expiration date for members set by the owner.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2024-20852

Disclosure Date: April 02, 2024 (last updated April 02, 2024)
Improper verification of intent by broadcast receiver vulnerability in SmartThings prior to version 1.8.13.22 allows local attackers to access testing configuration.
0
0
Attacker Value
Unknown

CVE-2022-39871

Disclosure Date: October 07, 2022 (last updated October 08, 2023)
Improper access control vulnerability cloudNotificationManager.java in SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via implicit broadcasts.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-39870

Disclosure Date: October 07, 2022 (last updated October 08, 2023)
Improper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via PUSH_MESSAGE_RECEIVED broadcast.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-39869

Disclosure Date: October 07, 2022 (last updated October 08, 2023)
Improper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via REMOVE_PERSISTENT_BANNER broadcast.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-39868

Disclosure Date: October 07, 2022 (last updated October 08, 2023)
Improper access control vulnerability in GedSamsungAccount.kt SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via implicit broadcast.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-39867

Disclosure Date: October 07, 2022 (last updated October 08, 2023)
Improper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via SHOW_PERSISTENT_BANNER broadcast.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-39866

Disclosure Date: October 07, 2022 (last updated October 08, 2023)
Improper access control vulnerability in RegisteredEventMediator.kt SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via implicit broadcast.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-39865

Disclosure Date: October 07, 2022 (last updated October 08, 2023)
Improper access control vulnerability in ContentsSharingActivity.java SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via implicit broadcast.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
View More Topics  Next >