CVE-2022-24923

low

Description

Improper access control vulnerability in Samsung SearchWidget prior to versions 2.3.00.6 in China models allows untrusted applications to load arbitrary URL and local files in webview.

References

https://security.samsungmobile.com/serviceWeb.smsb?year=2022&month=2

Details

Source: Mitre, NVD

Published: 2022-02-11

Updated: 2026-06-17

Risk Information

CVSS v2

Base Score: 2.1

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N

Severity: Low

CVSS v3

Base Score: 3.3

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Severity: Low

EPSS

EPSS: 0.00062