Samsung Flow
Monthly
Improper access control vulnerability in Samsung Flow prior to version 4.8.06.5 allows attacker to write the file without Samsung Flow permission. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
Path traversal vulnerability in Samsung Flow prior to version 4.8.07.4 allows local attackers to read arbitrary files as Samsung Flow permission. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
A missing input validation in Samsung Flow Windows application prior to Version 4.8.5.0 allows attackers to overwrite abtraty file in the Windows known folders. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.
Improper authorization vulnerability in Samsung Flow mobile application prior to 4.8.03.5 allows Samsung Flow PC application connected with user device to access part of notification data in Secure. Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity. No vendor patch available.
Improper access control vulnerability in Samsung Flow prior to version 4.8.06.5 allows attacker to write the file without Samsung Flow permission. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
Path traversal vulnerability in Samsung Flow prior to version 4.8.07.4 allows local attackers to read arbitrary files as Samsung Flow permission. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
A missing input validation in Samsung Flow Windows application prior to Version 4.8.5.0 allows attackers to overwrite abtraty file in the Windows known folders. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.
Improper authorization vulnerability in Samsung Flow mobile application prior to 4.8.03.5 allows Samsung Flow PC application connected with user device to access part of notification data in Secure. Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity. No vendor patch available.