CVE-2022-30756: 
NixOS vulnerability analysis and mitigation

Implicit Intent hijacking vulnerability in Finder prior to SMR Jul-2022 Release 1 allows attackers to launch certain activities with privilege of Finder (Samsung Advisory). The vulnerability was assigned CVE-2022-30756 and was discovered in 2022, affecting Samsung mobile devices running Android 10.0, 11.0, and 12.0 operating systems.

The vulnerability has been assigned a CVSS v3.1 base score of 7.8 (HIGH) with vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. Samsung Mobile assigned a slightly higher CVSS score of 8.5 (HIGH) with vector CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L. The vulnerability is classified under CWE-20 (Improper Input Validation) according to Samsung Mobile's assessment (NVD).

The vulnerability allows attackers to launch certain activities with elevated privileges of the Finder application. This could potentially lead to unauthorized access and execution of privileged operations within the context of the Finder application (Samsung Advisory).

Samsung addressed this vulnerability in the July 2022 Security Maintenance Release (SMR Jul-2022 Release 1). Users should update their devices to the latest available security patch level to protect against this vulnerability (Samsung Advisory).