CVE detail
CVE-2022-22265: Samsung Mobile Devices Use-After-Free Vulnerability
Source: CISA Known Exploited Vulnerabilities catalog · back to feed
Vendor / product
Samsung · Mobile Devices
- Date added (KEV)
- Sep 18, 2023
- CISA due date
- Oct 09, 2023
- Ransomware campaign use
- Unknown
Required action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Vendor fix: Vendor advisory
Scorifya interpretation
AI-generatedA short, structured read of the record above — generated when this page first loads, then cached for a week.
Plain English
Technical detail
From CISA
Samsung devices with selected Exynos chipsets contain a use-after-free vulnerability that allows malicious memory write and code execution.
https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=1; https://nvd.nist.gov/vuln/detail/CVE-2022-22265
References
Other recent CVEs from Samsung
- CVE-2024-7399MagicINFO 9 Server — Samsung MagicINFO 9 Server Path Traversal Vulnerability
- CVE-2025-21042Mobile Devices — Samsung Mobile Devices Out-of-Bounds Write Vulnerability
- CVE-2025-21043Mobile Devices — Samsung Mobile Devices Out-of-Bounds Write Vulnerability
- CVE-2025-4632MagicINFO 9 Server — Samsung MagicINFO 9 Server Path Traversal Vulnerability
- CVE-2021-25371Mobile Devices — Samsung Mobile Devices Unspecified Vulnerability
Check your domain's public posture
Scorifya doesn't test for specific CVEs, but if patching Samsung changed your headers or TLS, a fresh hardening scan helps confirm nothing regressed externally.