CVE-2022-44636 - OpenCVE

The Samsung TV (2021 and 2022 model) smart remote control allows attackers to enable microphone access via Bluetooth spoofing when a user is activating remote control by pressing a button. This is fixed in xxx72510, E9172511 for 2021 models, xxxA1000, 4x2A0200 for 2022 models.

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Samsung	T-oscpdeuc T-nkldeuc T-nkm2akuc T-oscpdeuc Firmware T-nkm2uabc T-oscpuabc T-nkluabc T-ptmuabc Firmware T-ksu2eakuc T-ptmdeuc Firmware T-oscpuabc Firmware T-nklakuc Firmware T-ksu2eakuc Firmware T-oscpakuc Firmware T-oscpakuc T-ksu2euab Firmware T-ptmakuc T-ptmakuc Firmware T-nklakuc T-nkm2deuc T-ksu2edeuc Firmware T-nkm2deuc Firmware T-ksu2edeuc T-ksu2euab T-nkm2akuc Firmware T-ptmuabc T-ptmdeuc T-nkluabc Firmware T-nkldeuc Firmware T-nkm2uabc Firmware

Configuration 1 [-]

AND

cpe:2.3:o:samsung:t-oscpakuc_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:samsung:t-oscpakuc:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:samsung:t-oscpdeuc_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:samsung:t-oscpdeuc:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:samsung:t-oscpuabc_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:samsung:t-oscpuabc:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:samsung:t-nkm2akuc_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:samsung:t-nkm2akuc:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:samsung:t-nkm2deuc_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:samsung:t-nkm2deuc:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:samsung:t-nkm2uabc_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:samsung:t-nkm2uabc:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:samsung:t-nklakuc_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:samsung:t-nklakuc:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:samsung:t-nkldeuc_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:samsung:t-nkldeuc:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:samsung:t-nkluabc_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:samsung:t-nkluabc:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:samsung:t-ksu2eakuc_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:samsung:t-ksu2eakuc:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:samsung:t-ksu2edeuc_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:samsung:t-ksu2edeuc:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:samsung:t-ksu2euab_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:samsung:t-ksu2euab:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:samsung:t-ptmakuc_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:samsung:t-ptmakuc:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:samsung:t-ptmdeuc_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:samsung:t-ptmdeuc:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

cpe:2.3:o:samsung:t-ptmuabc_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:samsung:t-ptmuabc:-:*:*:*:*:*:*:*

References

Link	Resource
https://samsung.com	Vendor Advisory
https://samsungtvbounty.com/securityUpdates	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2022-12-13T00:00:00

Updated: 2022-12-14T00:00:00

Reserved: 2022-11-03T00:00:00

Link: CVE-2022-44636

JSON object: View

NVD Information

Status : Analyzed

Published: 2022-12-13T15:15:11.160

Modified: 2022-12-29T18:42:00.133

Link: CVE-2022-44636

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-noinfo