SpayNotification Pending Intent Hijacking Vulnerability

SpayNotification Pending Intent Hijacking Vulnerability

CVE-2022-36872 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

Pending Intent hijacking vulnerability in SpayNotification in Samsung Pay prior to version 5.0.63 for KR and 5.1.47 for Global allows attackers to access files without permission via implicit Intent.

Learn more about our Web Application Penetration Testing UK.