Vulnerability Details : CVE-2022-44636
The Samsung TV (2021 and 2022 model) smart remote control allows attackers to enable microphone access via Bluetooth spoofing when a user is activating remote control by pressing a button. This is fixed in xxx72510, E9172511 for 2021 models, xxxA1000, 4x2A0200 for 2022 models.
Products affected by CVE-2022-44636
- cpe:2.3:o:samsung:t-oscpakuc_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:samsung:t-oscpdeuc_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:samsung:t-oscpuabc_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:samsung:t-nkm2akuc_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:samsung:t-nkm2deuc_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:samsung:t-nkm2uabc_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:samsung:t-nklakuc_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:samsung:t-nkldeuc_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:samsung:t-nkluabc_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:samsung:t-ksu2eakuc_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:samsung:t-ksu2edeuc_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:samsung:t-ksu2euab_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:samsung:t-ptmakuc_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:samsung:t-ptmdeuc_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:samsung:t-ptmuabc_firmware:-:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2022-44636
0.05%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 18 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2022-44636
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.6
|
MEDIUM | CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N |
2.1
|
2.5
|
NIST |
References for CVE-2022-44636
-
https://samsung.com
Samsung Nederland | Smartphones | TV | Huishoudelijk | ITVendor Advisory
-
https://samsungtvbounty.com/securityUpdates
Vendor Advisory
Jump to