MidnightBSD

Advisories for samsung

CVE-2001-1177 MEDIUM

ml85p in Samsung ML-85G GDI printer driver before 0.2.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
samsung ml-85g_gdi_printer_driver *
samsung ml-85p_printer_driver 1.0
CVE-2010-4284 HIGH

SQL injection vulnerability in the authentication form in the integrated web server in the Data Management Server (DMS) before 1.4.3 in Samsung Integrated Management System allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
samsung data_management_server *
samsung data_management_server 1.4.1
samsung data_management_server 1.3.3
CVE-2011-3420 HIGH

Multiple unspecified vulnerabilities in Google Chrome before 14.0.835.157 on the Acer AC700, Samsung Series 5, and Cr-48 Chromebook platforms have unknown impact and attack vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
google chrome_os *
acer ac700_chromebook *
samsung series_5_chromebook *
google cr-48_chromebook *
CVE-2011-3421 HIGH

Multiple unspecified vulnerabilities in Google Chrome before 14.0.835.125 on the Acer AC700, Samsung Series 5, and Cr-48 Chromebook platforms have unknown impact and attack vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
google chrome_os *
acer ac700_chromebook *
samsung series_5_chromebook *
google cr-48_chromebook *
CVE-2011-4548 HIGH

Multiple unspecified vulnerabilities in Google Chrome before 16.0.912.44 on the Acer AC700, Samsung Series 5, and Cr-48 Chromebook platforms have unknown impact and attack vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
google chrome_os *
acer ac700_chromebook *
samsung series_5_chromebook *
google cr-48_chromebook *
CVE-2011-4719 HIGH

Multiple unspecified vulnerabilities in Google Chrome before 16.0.912.63 on the Acer AC700, Samsung Series 5, and Cr-48 Chromebook platforms have unknown impact and attack vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
google chrome_os *
acer ac700_chromebook *
samsung series_5_chromebook *
google cr-48_chromebook *
CVE-2012-0695 HIGH

Multiple unspecified vulnerabilities in Google Chrome before 17.0.963.27 on the Acer AC700, Samsung Series 5, and Cr-48 Chromebook platforms have unknown impact and attack vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
google chrome_os *
acer ac700_chromebook *
samsung series_5_chromebook *
google cr-48_chromebook *
CVE-2012-1418 HIGH

Multiple unspecified vulnerabilities in Google Chrome before 17.0.963.60 on the Acer AC700, Samsung Series 5, and Cr-48 Chromebook platforms have unknown impact and attack vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
google chrome_os *
acer ac700_chromebook *
samsung series_5_chromebook *
google cr-48_chromebook *
CVE-2012-3290 HIGH

Multiple unspecified vulnerabilities in Google Chrome before 20.0.1132.22 on the Acer AC700; Samsung Series 5, 5 550, and Chromebox 3; and Cr-48 Chromebook platforms have unknown impact and attack vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
google chrome_os *
samsung series_5_550_chromebook -
acer ac700_chromebook -
google chrome_os 20.0.1132.1
google chrome_os 20.0.1132.12
google chrome_os 20.0.1132.3
google chrome_os 20.0.1132.18
google chrome_os 20.0.1132.17
google chrome_os 20.0.1132.20
google chrome_os 20.0.1132.16
google chrome_os 20.0.1132.4
google chrome_os 20.0.1132.11
google chrome_os 20.0.1132.7
google chrome_os 20.0.1132.5
google chrome_os 20.0.1132.6
google cr-48_chromebook -
google chrome_os 20.0.1132.8
google chrome_os 20.0.1132.19
google chrome_os 20.0.1132.15
google chrome_os 20.0.1132.10
samsung series_5_chromebook -
google chrome_os 20.0.1132.0
samsung chromebox_3 -
google chrome_os 20.0.1132.2
google chrome_os 20.0.1132.9
google chrome_os 20.0.1132.14
google chrome_os 20.0.1132.13
CVE-2012-5858 MEDIUM

Samsung Kies Air 2.1.207051 and 2.1.210161 relies on the IP address for authentication, which allows remote man-in-the-middle attackers to read arbitrary phone contents by spoofing or controlling the IP address.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-287,

Products Affected

Vendor Product Version
samsung kies_air 2.1.210161
samsung kies_air 2.1.207051
CVE-2012-5859 MEDIUM

Samsung Kies Air 2.1.207051 and 2.1.210161 allows remote attackers to cause a denial of service (crash) via a crafted request to www/apps/KiesAir/jws/ssd.php.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
samsung kies_air 2.1.210161
samsung kies_air 2.1.207051
CVE-2012-6334 LOW

The Track My Mobile feature in the SamsungDive subsystem for Android on Samsung Galaxy devices does not properly implement Location APIs, which allows physically proximate attackers to provide arbitrary location data via a "commonly available simple GPS location spoofer."

CVSS 2.0

Severity: LOW

Problem Type: CWE-264,

Products Affected

Vendor Product Version
samsung samsungdive -
CVE-2012-6337 LOW

The Track My Mobile feature in the SamsungDive subsystem for Android on Samsung Galaxy devices shows the activation of remote tracking, which might allow physically proximate attackers to defeat a product-recovery effort by tampering with this feature or its location data.

CVSS 2.0

Severity: LOW

Problem Type: CWE-200,

Products Affected

Vendor Product Version
samsung samsungdive -
CVE-2012-6422 HIGH

The kernel in Samsung Galaxy S2, Galaxy Note 2, MEIZU MX, and possibly other Android devices, when running an Exynos 4210 or 4412 processor, uses weak permissions (0666) for /dev/exynos-mem, which allows attackers to read or write arbitrary physical memory and gain privileges via a crafted application, as demonstrated by ExynosAbuse.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
samsung galaxy_note_2 -
meizu mx -
samsung galaxy_s2 -
CVE-2012-6429 HIGH

Buffer overflow in the PrepareSync method in the SyncService.dll ActiveX control in Samsung Kies before 2.5.1.12123_2_7 allows remote attackers to execute arbitrary code via a long string to the password argument.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
samsung kies *
CVE-2013-3585 MEDIUM

Samsung Web Viewer for Samsung DVR devices stores credentials in cleartext, which allows context-dependent attackers to obtain sensitive information via vectors involving (1) direct access to a file or (2) the user-setup web page.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-255,

Products Affected

Vendor Product Version
samsung smart_viewer -
CVE-2013-3586 HIGH

Samsung Web Viewer for Samsung DVR devices allows remote attackers to bypass authentication via an arbitrary SessionID value in a cookie.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-287,

Products Affected

Vendor Product Version
samsung dvr -
samsung smart_viewer -
CVE-2013-3964 MEDIUM

Cross-site scripting (XSS) vulnerability in Samsung SHR-5162, SHR-5082, and possibly other models, allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
samsung shr-5162 -
samsung shr-5082 -
CVE-2013-4763 LOW

Samsung Galaxy S3/S4 exposes an unprotected component allowing arbitrary SMS text messages without requesting permission.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.6 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 0.9 3.6

CVSS 2.0

Severity: LOW

Problem Type: CWE-276,

Products Affected

Vendor Product Version
samsung galaxy_s4_firmware -
samsung galaxy_s3_firmware -
CVE-2013-4764 LOW

Samsung Galaxy S3/S4 exposes an unprotected component allowing an unprivileged app to send arbitrary SMS texts to arbitrary destinations without permission.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N 0.7 3.6

CVSS 2.0

Severity: LOW

Problem Type: CWE-276,

Products Affected

Vendor Product Version
samsung galaxy_s3_firmware 1.0
samsung galaxy_s4_firmware 1.4
CVE-2013-4890 HIGH

The DMCRUIS/0.1 web server on the Samsung PS50C7700 TV allows remote attackers to cause a denial of service (daemon crash) via a long URI to TCP port 5600.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
samsung ps50c7700_television -
samsung ps50c7700_television_firmware -
CVE-2013-7447 MEDIUM

Integer overflow in the gdk_cairo_set_source_pixbuf function in gdk/gdkcairo.c in GTK+ before 3.9.8, as used in eom, gnome-photos, eog, gambas3, thunar, pinpoint, and possibly other applications, allows remote attackers to cause a denial of service (crash) via a large image file, which triggers a large memory allocation.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
canonical ubuntu_linux 15.10
canonical ubuntu_linux 14.04
samsung x14j_firmware t-ms14jakucb-1102.5
canonical ubuntu_linux 12.04
CVE-2014-3911 HIGH

Samsung iPOLiS Device Manager before 1.8.7 allow remote attackers to execute arbitrary code via unspecified values to the (1) Start, (2) ChangeControlLocalName, (3) DeleteDeviceProfile, (4) FrameAdvanceReader, or other unknown method in the XNSSDKDEVICE.XnsSdkDeviceCtrlForIpInstaller.1 ActiveX control.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-94,

Products Affected

Vendor Product Version
samsung ipolis_device_manager *
CVE-2014-3912 HIGH

Stack-based buffer overflow in the FindConfigChildeKeyList method in the XNSSDKDEVICE.XnsSdkDeviceCtrlForIpInstaller.1 ActiveX control in Samsung iPOLiS Device Manager before 1.8.7 allows remote attackers to execute arbitrary code via a long value.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
samsung ipolis_device_manager *
CVE-2014-8346 HIGH

The Remote Controls feature on Samsung mobile devices does not validate the source of lock-code data received over a network, which makes it easier for remote attackers to cause a denial of service (screen locking with an arbitrary code) by triggering unexpected Find My Mobile network traffic.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-94,

Products Affected

Vendor Product Version
samsung mobile -
samsung findmymobile -
CVE-2014-9265 MEDIUM

Stack-based buffer overflow in the BackupToAvi method in the CNC_Ctrl ActiveX control in Samsung SmartViewer allows remote attackers to execute arbitrary code via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
samsung smartviewer -
CVE-2014-9266 MEDIUM

The STWConfig ActiveX control in Samsung SmartViewer does not properly initialize a variable, which allows remote attackers to execute arbitrary code via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-94,

Products Affected

Vendor Product Version
samsung smart_viewer -
CVE-2015-0555 MEDIUM

Buffer overflow in the XnsSdkDeviceIpInstaller.ocx ActiveX control in Samsung iPOLiS Device Manager 1.12.2 allows remote attackers to execute arbitrary code via a long string in the first argument to the (1) ReadConfigValue or (2) WriteConfigValue function.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
samsung ipolis_device_manager 1.12.2
CVE-2015-0718 HIGH

Cisco NX-OS 4.0 through 6.1 on Nexus 1000V 3000, 4000, 5000, 6000, and 7000 devices and Unified Computing System (UCS) platforms allows remote attackers to cause a denial of service (TCP stack reload) by sending crafted TCP packets to a device that has a TIME_WAIT TCP session, aka Bug ID CSCub70579.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
cisco unified_computing_system 2.0_1t
cisco unified_computing_system 2.1_1b
cisco unified_computing_system 2.2_1d
cisco unified_computing_system 2.1_3c
cisco unified_computing_system 2.0_5a
cisco unified_computing_system 2.2_1b
cisco unified_computing_system 1.4_3l
cisco unified_computing_system 2.0_1x
cisco unified_computing_system 2.1_2a
cisco unified_computing_system 2.0_3a
cisco unified_computing_system 2.0_4b
cisco unified_computing_system 2.2_1c
cisco unified_computing_system 2.0_5c
cisco unified_computing_system 2.2_1e
zzinc keymouse_firmware 3.08
cisco unified_computing_system 1.4_4l
cisco unified_computing_system 2.0_3c
cisco unified_computing_system 2.0_5f
cisco unified_computing_system 2.1_1e
cisco unified_computing_system 1.4_4i
cisco unified_computing_system 2.0_3b
zyxel gs1900-10hp_firmware *
cisco unified_computing_system 1.4_3q
netgear jr6150_firmware *
cisco unified_computing_system 2.0_2m
cisco unified_computing_system 2.1_1d
cisco unified_computing_system 2.0_2q
cisco unified_computing_system 1.4_3m
cisco nx-os base
cisco unified_computing_system 1.5_base
cisco unified_computing_system 2.2_2c
cisco unified_computing_system 2.1_3e
cisco unified_computing_system 1.6_base
cisco unified_computing_system 2.0_1s
cisco unified_computing_system 2.1_3a
cisco unified_computing_system 2.1_3f
cisco unified_computing_system 1.4_1m
cisco unified_computing_system 2.0_1w
cisco unified_computing_system 1.4_3i
cisco unified_computing_system 2.0_4a
cisco unified_computing_system 2.2_2d
cisco unified_computing_system 2.0_1q
cisco unified_computing_system 2.0_5d
cisco unified_computing_system 2.1_3d
cisco unified_computing_system 1.4_1i
cisco unified_computing_system 1.4_4j
cisco unified_computing_system 1.4_4k
cisco unified_computing_system 2.0_5b
cisco unified_computing_system 2.0_2r
cisco unified_computing_system 2.0_4d
cisco unified_computing_system 2.1_2c
cisco unified_computing_system 2.1_1a
cisco unified_computing_system 2.2_2e
cisco unified_computing_system 2.1_1f
sun opensolaris snv_124
cisco unified_computing_system 2.0_5e
cisco unified_computing_system 1.4_4f
samsung x14j_firmware t-ms14jakucb-1102.5
cisco unified_computing_system 2.1_2d
cisco unified_computing_system 1.4_1j
cisco unified_computing_system 1.4_3u
cisco unified_computing_system 2.1_3b
cisco unified_computing_system 1.4_4g
cisco unified_computing_system 1.4_3s
cisco unified_computing_system 1.4_3y
CVE-2015-0863 HIGH

GALAXY Apps (aka Samsung Apps, Samsung Updates, or com.sec.android.app.samsungapps) before 14120405.03.012 allows man-in-the-middle attackers to obtain sensitive information and execute arbitrary code.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
samsung galaxy_app -
samsung samsung_account_app -
CVE-2015-0864 HIGH

Samsung Account (AKA com.osp.app.signin) before 1.6.0069 and 2.x before 2.1.0069 allows man-in-the-middle attackers to obtain sensitive information and execute arbitrary code.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
samsung galaxy_app -
samsung samsung_account_app -
CVE-2015-1499 HIGH

The ActiveMQ Broker in Samsung Security Manager (SSM) before 1.31 allows remote attackers to delete arbitrary files, and consequently cause a denial of service, via a DELETE request.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
samsung samsung_security_manager *
CVE-2015-1800 MEDIUM

The samsung_extdisp driver in the Samsung S4 (GT-I9500) I9500XXUEMK8 kernel 3.4 and earlier allows attackers to potentially obtain sensitive information.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
samsung galaxy_s4_firmware i9500xxuemk8
CVE-2015-1801 HIGH

The samsung_extdisp driver in the Samsung S4 (GT-I9500) I9500XXUEMK8 kernel 3.4 and earlier allows attackers to cause a denial of service (memory corruption) or gain privileges.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
samsung galaxy_s4_firmware i9500xxuemk8
CVE-2015-3435 HIGH

Samsung Security Manager (SSM) before 1.31 allows remote attackers to execute arbitrary code by uploading a file with an HTTP (1) PUT or (2) MOVE request.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
samsung samsung_security_manager *
CVE-2015-4033 LOW

Samsung SBeam allows remote attackers to read arbitrary images by leveraging an NFC connection to access the HTTP server on port 15000.

CVSS 2.0

Severity: LOW

Problem Type: CWE-200,

Products Affected

Vendor Product Version
samsung s-beam -
CVE-2015-4034 HIGH

The createFromParcel method in the com.absolute.android.persistence.MethodSpec class in Samsung Galaxy S5s allows remote attackers to execute arbitrary files via a crafted Parcelable object in a serialized MethodSpec object.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-284,

Products Affected

Vendor Product Version
samsung galaxy_s5 -
CVE-2015-5473 HIGH

Multiple directory traversal vulnerabilities in Samsung SyncThru 6 before 1.0 allow remote attackers to delete arbitrary files via unspecified parameters to (1) upload/updateDriver or (2) upload/addDriver or to execute arbitrary code with SYSTEM privileges via unspecified parameters to (3) uploadCloning.html, (4) fileupload.html, (5) uploadFirmware.html, or (6) upload/driver.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-22,

Products Affected

Vendor Product Version
samsung syncthru_6 *
CVE-2015-5729 MEDIUM

The Soft Access Point (AP) feature in Samsung Smart TVs X10P, X12, X14H, X14J, and NT14U and Xpress M288OFW printers generate weak WPA2 PSK keys, which makes it easier for remote attackers to obtain sensitive information or bypass authentication via a brute-force attack.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
samsung x12_firmware t-mst12deucb-1111.4
samsung x14h_firmware t-mst14akucb-1100.4
samsung nt14u_firmware t-nt14udcncb-1003.1
samsung x14h_firmware t-mst14deucb-1023.0
samsung x10p_firmware t-mst10pibrcb-1104.0
samsung x14j_firmware t-ms14jdeucb-1018.0
samsung x10p_firmware t-mst10pauscp-1302.0
samsung m288ofw_firmware -
samsung x14j_firmware t-ms14jdcncb-1004.2
samsung nt14u_firmware t-nt14uakucb-1008.0
samsung x14j_firmware t-ms14jakucb-1102.5
samsung x10p_firmware t-mst10pdeucb-1210.0
samsung x12_firmware t-mst12akucb-1114.0
samsung x14h_firmware t-mst14dcncb-1010.0
samsung nt14u_firmware t-nt14udeucb-1007.1
CVE-2015-7267 LOW

Samsung 850 Pro and PM851 solid-state drives and Seagate ST500LT015 and ST500LT025 hard disk drives, when in sleep mode and operating in Opal or eDrive mode on Lenovo ThinkPad T440s laptops with BIOS 2.32; ThinkPad W541 laptops with BIOS 2.21; Dell Latitude E6410 laptops with BIOS A16; or Latitude E6430 laptops with BIOS A16, allow physically proximate attackers to bypass self-encrypting drive (SED) protection by leveraging failure to detect when SATA drives are unplugged in Sleep Mode, aka a "Hot Plug attack."

CVSS 2.0

Severity: LOW

Problem Type: CWE-254,

Products Affected

Vendor Product Version
seagate st500lt015_firmware -
samsung pm851_firmware -
samsung 850_pro_firmware -
seagate st500lt025_firmware -
CVE-2015-7268 LOW

Samsung 850 Pro and PM851 solid-state drives and Seagate ST500LT015 and ST500LT025 hard disk drives, when used on Windows and operating in Opal mode on Lenovo ThinkPad T440s laptops with BIOS 2.32 or ThinkPad W541 laptops with BIOS 2.21, or in Opal or eDrive mode on Dell Latitude E6410 laptops with BIOS A16 or Latitude E6430 laptops with BIOS A16, allow physically proximate attackers to bypass self-encrypting drive (SED) protection by triggering a soft reset and booting from an alternative OS, aka a "Forced Restart Attack."

CVSS 2.0

Severity: LOW

Problem Type: CWE-254,

Products Affected

Vendor Product Version
seagate st500lt015_firmware -
samsung pm851_firmware -
samsung 850_pro_firmware -
seagate st500lt025_firmware -
CVE-2015-7888 HIGH

Directory traversal vulnerability in the WifiHs20UtilityService on the Samsung S6 Edge LRX22G.G925VVRU1AOE2 allows remote attackers to overwrite or create arbitrary files as the system-level user via a .. (dot dot) in the name of a file, compressed into a zipped file named cred.zip, and downloaded to /sdcard/Download.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-22,

Products Affected

Vendor Product Version
samsung galaxy_s6_edge_firmware g925vvru1aoe2
CVE-2015-7890 MEDIUM

Multiple buffer overflows in the esa_write function in /dev/seirenin the Exynos Seiren Audio driver, as used in Samsung S6 Edge, allow local users to cause a denial of service (memory corruption) via a large (1) buffer or (2) size parameter.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 1.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-120,

Products Affected

Vendor Product Version
samsung galaxy_s6_edge_firmware -
CVE-2015-7891 MEDIUM

Race condition in the ioctl implementation in the Samsung Graphics 2D driver (aka /dev/fimg2d) in Samsung devices with Android L(5.0/5.1) allows local users to trigger memory errors by leveraging definition of g2d_lock and g2d_unlock lock macros as no-ops, aka SVE-2015-4598.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-362,

Products Affected

Vendor Product Version
samsung samsung_mobile 5.0
samsung samsung_mobile 5.1
CVE-2015-7892 MEDIUM

Stack-based buffer overflow in the m2m1shot_compat_ioctl32 function in the Samsung m2m1shot driver framework, as used in Samsung S6 Edge, allows local users to have unspecified impact via a large data.buf_out.num_planes value in an ioctl call.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
samsung m2m1shot_driver -
CVE-2015-7893 MEDIUM

SecEmailUI in Samsung Galaxy S6 does not sanitize HTML email content, allows remote attackers to execute arbitrary JavaScript.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
samsung galaxy_s6 -
CVE-2015-7894 MEDIUM

The DCMProvider service in Samsung LibQjpeg on a Samsung SM-G925V device running build number LRX22G.G925VVRU1AOE2 allows remote attackers to cause a denial of service (segmentation fault and process crash) and execute arbitrary code via a crafted JPG.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
samsung galaxy_s6_edge_firmware lrx22g.g925vvru1aoe2
CVE-2015-7895 LOW

Samsung Gallery on the Samsung Galaxy S6 allows local users to cause a denial of service (process crash).

CVSS 2.0

Severity: LOW

Problem Type: CWE-284,

Products Affected

Vendor Product Version
samsung samsung_mobile *
CVE-2015-7896 MEDIUM

LibQJpeg in the Samsung Galaxy S6 before the October 2015 MR allows remote attackers to cause a denial of service (memory corruption and SIGSEGV) via a crafted image file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
samsung samsung_mobile 6.0
samsung samsung_mobile 5.0.1
samsung samsung_mobile 6.0.1
samsung samsung_mobile 5.0
samsung samsung_mobile 7.1.2
samsung samsung_mobile 5.0.2
samsung samsung_mobile 7.1
samsung samsung_mobile 5.1.1
samsung samsung_mobile 7.1.1
samsung samsung_mobile 7.0
samsung samsung_mobile 5.1
CVE-2015-7897 HIGH

The media scanning functionality in the face recognition library in android.media.process in Samsung Galaxy S6 Edge before G925VVRU4B0G9 allows remote attackers to gain privileges or cause a denial of service (memory corruption) via a crafted BMP image file.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
samsung galaxy_s6 -
CVE-2015-7898 LOW

Samsung Gallery in the Samsung Galaxy S6 allows local users to cause a denial of service (process crash).

CVSS 2.0

Severity: LOW

Problem Type: CWE-284,

Products Affected

Vendor Product Version
samsung samsung_mobile *
CVE-2015-8039 MEDIUM

Samsung SmartViewer allows remote attackers to execute arbitrary code via unspecified vectors to the (1) DVRSetupSave method in the STWAxConfig control or (2) SendCustomPacket method in the STWAxConfigNVR control, which trigger an untrusted pointer dereference.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
samsung smartviewer -
CVE-2015-8040 MEDIUM

The rtsp_getdlsendtime method in the CNC_Ctrl control in Samsung SmartViewer allows remote attackers to execute arbitrary code via an index value.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
samsung smartviewer -
CVE-2015-8279 MEDIUM

Web Viewer 1.0.0.193 on Samsung SRN-1670D devices allows remote attackers to read arbitrary files via a request to an unspecified PHP script.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
samsung web_viewer *
CVE-2015-8280 MEDIUM

Web Viewer 1.0.0.193 on Samsung SRN-1670D devices allows remote attackers to discover credentials by reading detailed error messages.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
samsung web_viewer *
CVE-2015-8281 HIGH

Web Viewer 1.0.0.193 on Samsung SRN-1670D devices allows attackers to bypass filesystem encryption via XOR calculations.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-310,

Products Affected

Vendor Product Version
samsung web_viewer *
CVE-2015-8780 MEDIUM

Samsung wssyncmlnps before 2015-10-31 allows directory traversal in a Kies restore, aka ZipFury.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
samsung kies *
CVE-2016-0729 HIGH

Multiple buffer overflows in (1) internal/XMLReader.cpp, (2) util/XMLURL.cpp, and (3) util/XMLUri.cpp in the XML Parser library in Apache Xerces-C before 3.1.3 allow remote attackers to cause a denial of service (segmentation fault or memory corruption) or possibly execute arbitrary code via a crafted document.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
fedoraproject fedora 22
samsung x14j_firmware t-ms14jakucb-1102.5
fedoraproject fedora 24
fedoraproject fedora 23
CVE-2016-0960 HIGH

Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
adobe flash_player *
adobe air_sdk *
adobe air_sdk_&_compiler *
samsung x14j_firmware t-ms14jakucb-1102.5
adobe flash_player_desktop_runtime *
adobe air *
adobe air_desktop_runtime *
CVE-2016-0961 HIGH

Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
adobe flash_player *
adobe air_sdk *
adobe air_sdk_&_compiler *
samsung x14j_firmware t-ms14jakucb-1102.5
adobe flash_player_desktop_runtime *
adobe air *
adobe air_desktop_runtime *
CVE-2016-0962 HIGH

Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
adobe flash_player *
adobe air_sdk *
adobe air_sdk_&_compiler *
samsung x14j_firmware t-ms14jakucb-1102.5
adobe flash_player_desktop_runtime *
adobe air *
adobe air_desktop_runtime *
CVE-2016-0963 HIGH

Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0993 and CVE-2016-1010.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-190,

Products Affected

Vendor Product Version
adobe flash_player *
adobe air_sdk *
adobe air_sdk_&_compiler *
samsung x14j_firmware t-ms14jakucb-1102.5
adobe flash_player_desktop_runtime *
adobe air *
adobe air_desktop_runtime *
CVE-2016-0986 HIGH

Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
adobe flash_player *
adobe air_sdk *
adobe air_sdk_&_compiler *
samsung x14j_firmware t-ms14jakucb-1102.5
adobe flash_player_desktop_runtime *
adobe air *
adobe air_desktop_runtime *
CVE-2016-0987 HIGH

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
adobe flash_player *
adobe air_sdk *
adobe air_sdk_&_compiler *
samsung x14j_firmware t-ms14jakucb-1102.5
adobe flash_player_desktop_runtime *
adobe air *
adobe air_desktop_runtime *
CVE-2016-0988 HIGH

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
adobe flash_player *
adobe air_sdk *
adobe air_sdk_&_compiler *
samsung x14j_firmware t-ms14jakucb-1102.5
adobe flash_player_desktop_runtime *
adobe air *
adobe air_desktop_runtime *
CVE-2016-0989 HIGH

Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
adobe flash_player *
adobe air_sdk *
adobe air_sdk_&_compiler *
samsung x14j_firmware t-ms14jakucb-1102.5
adobe flash_player_desktop_runtime *
adobe air *
adobe air_desktop_runtime *
CVE-2016-0990 HIGH

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
adobe flash_player *
adobe air_sdk *
adobe air_sdk_&_compiler *
samsung x14j_firmware t-ms14jakucb-1102.5
adobe flash_player_desktop_runtime *
adobe air *
adobe air_desktop_runtime *
CVE-2016-0991 HIGH

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
adobe flash_player *
adobe air_sdk *
adobe air_sdk_&_compiler *
samsung x14j_firmware t-ms14jakucb-1102.5
adobe flash_player_desktop_runtime *
adobe air *
adobe air_desktop_runtime *
CVE-2016-0992 HIGH

Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-1002, and CVE-2016-1005.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
adobe flash_player *
adobe air_sdk *
adobe air_sdk_&_compiler *
samsung x14j_firmware t-ms14jakucb-1102.5
adobe flash_player_desktop_runtime *
adobe air *
adobe air_desktop_runtime *
CVE-2016-0993 HIGH

Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0963 and CVE-2016-1010.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-190,

Products Affected

Vendor Product Version
adobe flash_player *
adobe air_sdk *
adobe air_sdk_&_compiler *
samsung x14j_firmware t-ms14jakucb-1102.5
adobe flash_player_desktop_runtime *
adobe air *
adobe air_desktop_runtime *
CVE-2016-0994 HIGH

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code by using the actionCallMethod opcode with crafted arguments, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
adobe flash_player *
adobe air_sdk *
adobe air_sdk_&_compiler *
samsung x14j_firmware t-ms14jakucb-1102.5
adobe flash_player_desktop_runtime *
adobe air *
adobe air_desktop_runtime *
CVE-2016-0995 HIGH

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
adobe flash_player *
adobe air_sdk *
adobe air_sdk_&_compiler *
samsung x14j_firmware t-ms14jakucb-1102.5
adobe flash_player_desktop_runtime *
adobe air *
adobe air_desktop_runtime *
CVE-2016-0996 HIGH

Use-after-free vulnerability in the setInterval method in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via crafted arguments, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
adobe flash_player *
adobe air_sdk *
adobe air_sdk_&_compiler *
samsung x14j_firmware t-ms14jakucb-1102.5
adobe flash_player_desktop_runtime *
adobe air *
adobe air_desktop_runtime *
CVE-2016-0997 HIGH

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
adobe flash_player *
adobe air_sdk *
adobe air_sdk_&_compiler *
samsung x14j_firmware t-ms14jakucb-1102.5
adobe flash_player_desktop_runtime *
adobe air *
adobe air_desktop_runtime *
CVE-2016-0998 HIGH

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0999, and CVE-2016-1000.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
adobe flash_player *
adobe air_sdk *
adobe air_sdk_&_compiler *
samsung x14j_firmware t-ms14jakucb-1102.5
adobe flash_player_desktop_runtime *
adobe air *
adobe air_desktop_runtime *
CVE-2016-0999 HIGH

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, and CVE-2016-1000.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
adobe flash_player *
adobe air_sdk *
adobe air_sdk_&_compiler *
samsung x14j_firmware t-ms14jakucb-1102.5
adobe flash_player_desktop_runtime *
adobe air *
adobe air_desktop_runtime *
CVE-2016-1000 HIGH

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, and CVE-2016-0999.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
adobe flash_player *
adobe air_sdk *
adobe air_sdk_&_compiler *
samsung x14j_firmware t-ms14jakucb-1102.5
adobe flash_player_desktop_runtime *
adobe air *
adobe air_desktop_runtime *
CVE-2016-1001 MEDIUM

Heap-based buffer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
adobe flash_player *
adobe air_sdk *
adobe air_sdk_&_compiler *
samsung x14j_firmware t-ms14jakucb-1102.5
adobe flash_player_desktop_runtime *
adobe air *
adobe air_desktop_runtime *
CVE-2016-1002 HIGH

Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, and CVE-2016-1005.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
adobe flash_player *
adobe air_sdk *
adobe air_sdk_&_compiler *
samsung x14j_firmware t-ms14jakucb-1102.5
adobe flash_player_desktop_runtime *
adobe air *
adobe air_desktop_runtime *
CVE-2016-1005 HIGH

Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (uninitialized pointer dereference and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, and CVE-2016-1002.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-824,

Products Affected

Vendor Product Version
adobe flash_player *
adobe air_sdk *
adobe air_sdk_&_compiler *
samsung x14j_firmware t-ms14jakucb-1102.5
adobe flash_player_desktop_runtime *
adobe air *
adobe air_desktop_runtime *
CVE-2016-1010 HIGH

Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0963 and CVE-2016-0993.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-190,CWE-190,

Products Affected

Vendor Product Version
adobe flash_player *
adobe air_sdk *
adobe air_sdk_&_compiler *
samsung x14j_firmware t-ms14jakucb-1102.5
adobe flash_player_desktop_runtime *
adobe air *
adobe air_desktop_runtime *
CVE-2016-11050 LOW

An issue was discovered on Samsung mobile devices with S3(KK), Note2(KK), S4(L), Note3(L), and S5(L) software. An attacker can rewrite the IMEI by flashing crafted firmware. The Samsung ID is SVE-2016-5562 (March 2016).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N 0.7 3.6

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
samsung note3_firmware -
samsung s5_firmware -
samsung s4_firmware -
samsung note2_firmware -
samsung s3_firmware -
CVE-2016-1302 HIGH

Cisco Application Policy Infrastructure Controller (APIC) devices with software before 1.0(3h) and 1.1 before 1.1(1j) and Nexus 9000 ACI Mode switches with software before 11.0(3h) and 11.1 before 11.1(1j) allow remote authenticated users to bypass intended RBAC restrictions via crafted REST requests, aka Bug ID CSCut12998.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-284,

Products Affected

Vendor Product Version
zyxel gs1900-10hp_firmware *
samsung x14j_firmware t-ms14jakucb-1102.5
zzinc keymouse_firmware 3.08
sun opensolaris snv_124
cisco nx-os base
CVE-2016-1308 MEDIUM

SQL injection vulnerability in Cisco Unified Communications Manager 10.5(2.13900.9) allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCux99227.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-89,

Products Affected

Vendor Product Version
samsung x14j_firmware t-ms14jakucb-1102.5
CVE-2016-1319 MEDIUM

Cisco Unified Communications Manager (aka CallManager) 9.1(2.10000.28), 10.5(2.10000.5), 10.5(2.12901.1), and 11.0(1.10000.10); Unified Communications Manager IM & Presence Service 10.5(2); Unified Contact Center Express 11.0(1); and Unity Connection 10.5(2) store a cleartext encryption key, which allows local users to obtain sensitive information via unspecified vectors, aka Bug ID CSCuv85958.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
zyxel gs1900-10hp_firmware *
samsung x14j_firmware t-ms14jakucb-1102.5
zzinc keymouse_firmware 3.08
sun opensolaris snv_124
CVE-2016-1329 HIGH

Cisco NX-OS 6.0(2)U6(1) through 6.0(2)U6(5) on Nexus 3000 devices and 6.0(2)A6(1) through 6.0(2)A6(5) and 6.0(2)A7(1) on Nexus 3500 devices has hardcoded credentials, which allows remote attackers to obtain root privileges via a (1) TELNET or (2) SSH session, aka Bug ID CSCuy25800.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-287,

Products Affected

Vendor Product Version
zyxel gs1900-10hp_firmware *
samsung x14j_firmware t-ms14jakucb-1102.5
zzinc keymouse_firmware 3.08
sun opensolaris snv_124
CVE-2016-1344 HIGH

The IKEv2 implementation in Cisco IOS 15.0 through 15.6 and IOS XE 3.3 through 3.17 allows remote attackers to cause a denial of service (device reload) via fragmented packets, aka Bug ID CSCux38417.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
cisco ios_xe 3.7e_3.7.0e
cisco ios_xe 3.7e_3.7.2e
cisco ios_xe 3.6e_3.6.1e
cisco ios_xe 3.10s_3.10.4s
cisco ios_xe 3.4s_3.4.3s
cisco ios_xe 3.7s_3.7.5s
cisco ios_xe 3.10s_3.10.2s
cisco ios_xe 3.13s_3.13.2as
cisco ios_xe 3.4sg_3.4.5sg
zyxel gs1900-10hp_firmware *
cisco ios_xe 3.4s_3.4.4s
cisco ios_xe 3.4sg_3.4.0sg
cisco ios_xe 3.5e_3.5.0e
cisco ios_xe 3.9s_3.9.2s
cisco ios_xe 3.6s_3.6.2s
cisco ios_xe 3.11s_3.11.3s
lenovo thinkcentre_e75s_firmware *
cisco ios_xe 3.9s_3.9.1as
cisco ios_xe 3.8e_3.8.0e
cisco ios_xe 3.4sg_3.4.4sg
cisco ios_xe 3.15s_3.15.1cs
cisco ios_xe 3.11s_3.11.1s
cisco ios_xe 3.7s_3.7.4s
cisco ios_xe 3.12s_3.12.1s
cisco ios_xe 3.14s_3.14.3s
cisco ios_xe 3.15s_3.15.1s
cisco ios_xe 3.13s_3.13.0as
cisco ios_xe 3.4s_3.4.1s
cisco ios_xe 3.8s_3.8.0s
cisco ios_xe 3.6s_3.6.0s
cisco ios_xe 3.14s_3.14.2s
cisco ios_xe 3.7s_3.7.0s
cisco ios_xe 3.7s_3.7.3s
cisco ios_xe 3.7e_3.7.1e
cisco ios_xe 3.7s_3.7.2s
cisco ios_xe 3.16s_3.16.1as
cisco ios_xe 3.5e_3.5.3e
cisco ios_xe 3.10s_3.10.1s
cisco ios_xe 3.12s_3.12.0s
cisco ios_xe 3.5s_3.5.0s
cisco ios_xe 3.16s_3.16.1s
cisco ios_xe 3.4s_3.4.5s
cisco ios_xe 3.3s_3.3.2s
cisco ios_xe 3.10s_3.10.6s
cisco ios_xe 3.7s_3.7.4as
cisco ios_xe 3.3xo_3.3.2xo
cisco ios_xe 3.11s_3.11.0s
cisco ios_xe 3.3xo_3.3.0xo
cisco ios_xe 3.5s_3.5.1s
cisco ios_xe 3.7s_3.7.7s
cisco ios_xe 3.4s_3.4.6s
cisco ios_xe 3.3s_3.3.0s
cisco ios_xe 3.11s_3.11.2s
cisco ios_xe 3.8e_3.8.1e
cisco ios_xe 3.7s_3.7.1s
cisco ios_xe 3.6e_3.6.2e
cisco ios_xe 3.3sg_3.3.2sg
cisco ios_xe 3.4sg_3.4.3sg
zzinc keymouse_firmware 3.08
cisco ios_xe 3.8s_3.8.2s
cisco ios_xe 3.16s_3.16.0s
cisco ios_xe 3.15s_3.15.0s
netgear jr6150_firmware *
cisco ios_xe 3.13s_3.13.1s
cisco ios_xe 3.5s_3.5.2s
cisco ios_xe 3.7s_3.7.2ts
cisco ios_xe 3.12s_3.12.2s
cisco ios_xe 3.5e_3.5.2e
cisco ios_xe 3.9s_3.9.0as
cisco ios_xe 3.14s_3.14.0s
cisco ios_xe 3.10s_3.10.1xbs
cisco ios_xe 3.4s_3.4.0as
cisco ios_xe 3.7s_3.7.6s
cisco ios_xe 3.6s_3.6.1s
cisco ios_xe 3.17s_3.17.0s
cisco ios_xe 3.3s_3.3.1s
cisco ios_xe 3.3sg_3.3.1sg
cisco ios_xe 3.16s_3.16.0cs
cisco ios_xe 3.9s_3.9.0s
cisco ios_xe 3.13s_3.13.3s
cisco ios_xe 3.10s_3.10.3s
cisco ios_xe 3.4sg_3.4.1sg
cisco ios_xe 3.4sg_3.4.2sg
cisco ios_xe 3.10s_3.10.5s
cisco ios_xe 3.6e_3.6.3e
cisco ios_xe 3.8s_3.8.1s
cisco ios_xe 3.10s_3.10.0s
cisco ios_xe 3.6e_3.6.2ae
cisco ios_xe 3.9s_3.9.1s
cisco ios_xe 3.4s_3.4.2s
cisco ios_xe 3.13s_3.13.4s
cisco ios_xe 3.4sg_3.4.7sg
cisco ios_xe 3.3sg_3.3.0sg
sun opensolaris snv_124
cisco ios_xe 3.4s_3.4.0s
cisco ios_xe 3.5e_3.5.1e
cisco ios_xe 3.6e_3.6.0e
cisco ios_xe 3.11s_3.11.4s
cisco ios_xe 3.7e_3.7.3e
cisco ios_xe 3.13s_3.13.0s
samsung x14j_firmware t-ms14jakucb-1102.5
cisco ios_xe 3.12s_3.12.4s
cisco ios_xe 3.12s_3.12.3s
cisco ios_xe 3.14s_3.14.1s
cisco ios_xe 3.4sg_3.4.6sg
cisco ios_xe 3.3xo_3.3.1xo
cisco ios_xe 3.15s_3.15.2s
cisco ios_xe 3.13s_3.13.2s
CVE-2016-1346 HIGH

The kernel in Cisco TelePresence Server 3.0 through 4.2(4.18) on Mobility Services Engine (MSE) 8710 devices allows remote attackers to cause a denial of service (panic and reboot) via a crafted sequence of IPv6 packets, aka Bug ID CSCuu46673.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
zyxel gs1900-10hp_firmware *
netgear jr6150_firmware *
dell emc_powerscale_onefs 8.2.2
samsung x14j_firmware t-ms14jakucb-1102.5
zzinc keymouse_firmware 3.08
CVE-2016-1348 HIGH

Cisco IOS 15.0 through 15.5 and IOS XE 3.3 through 3.16 allow remote attackers to cause a denial of service (device reload) via a crafted DHCPv6 Relay message, aka Bug ID CSCus55821.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
cisco ios_xe 3.7e_3.7.0e
cisco ios_xe 3.7e_3.7.2e
cisco ios_xe 3.11s_3.11.2s
cisco ios_xe 3.7s_3.7.1s
cisco ios_xe 3.6e_3.6.2e
cisco ios_xe 3.6e_3.6.1e
cisco ios_xe 3.10s_3.10.4s
zzinc keymouse_firmware 3.08
cisco ios_xe 3.7s_3.7.5s
cisco ios_xe 3.8s_3.8.2s
cisco ios_xe 3.10s_3.10.2s
cisco ios_xe 3.13s_3.13.2as
cisco ios_xe 3.16s_3.16.0s
cisco ios_xe 3.15s_3.15.0s
zyxel gs1900-10hp_firmware *
netgear jr6150_firmware *
cisco ios_xe 3.13s_3.13.1s
cisco ios_xe 3.5s_3.5.2s
cisco ios_xe 3.5e_3.5.0e
cisco ios_xe 3.7s_3.7.2ts
cisco ios_xe 3.9s_3.9.2s
cisco ios_xe 3.12s_3.12.2s
cisco ios_xe 3.5e_3.5.2e
cisco ios_xe 3.6s_3.6.2s
cisco ios_xe 3.11s_3.11.3s
cisco ios_xe 3.9s_3.9.0as
cisco ios_xe 3.9s_3.9.1as
cisco ios_xe 3.14s_3.14.0s
cisco ios_xe 3.8e_3.8.0e
cisco ios_xe 3.10s_3.10.1xbs
cisco ios_xe 3.7s_3.7.6s
cisco ios_xe 3.6s_3.6.1s
cisco ios_xe 3.15s_3.15.1cs
cisco ios_xe 3.11s_3.11.1s
cisco ios_xe 3.7s_3.7.4s
cisco ios_xe 3.12s_3.12.1s
cisco ios_xe 3.14s_3.14.3s
cisco ios_xe 3.15s_3.15.1s
cisco ios_xe 3.16s_3.16.0cs
cisco ios_xe 3.9s_3.9.0s
cisco ios_xe 3.13s_3.13.0as
cisco ios_xe 3.13s_3.13.3s
cisco ios_xe 3.8s_3.8.0s
cisco ios_xe 3.10s_3.10.3s
cisco ios_xe 3.6s_3.6.0s
cisco ios_xe 3.14s_3.14.2s
cisco ios_xe 3.7s_3.7.0s
cisco ios_xe 3.7s_3.7.3s
cisco ios_xe 3.7e_3.7.1e
cisco ios_xe 3.7s_3.7.2s
cisco ios_xe 3.16s_3.16.1as
cisco ios_xe 3.10s_3.10.5s
cisco ios_xe 3.5e_3.5.3e
cisco ios_xe 3.6e_3.6.3e
cisco ios_xe 3.8s_3.8.1s
cisco ios_xe 3.10s_3.10.1s
cisco ios_xe 3.12s_3.12.0s
cisco ios_xe 3.5s_3.5.0s
cisco ios_xe 3.16s_3.16.1s
cisco ios_xe 3.10s_3.10.0s
cisco ios_xe 3.6e_3.6.2ae
cisco ios_xe 3.9s_3.9.1s
cisco ios_xe 3.13s_3.13.4s
sun opensolaris snv_124
cisco ios_xe 3.5e_3.5.1e
cisco ios_xe 3.6e_3.6.0e
cisco ios_xe 3.10s_3.10.6s
cisco ios_xe 3.7s_3.7.4as
cisco ios_xe 3.11s_3.11.4s
cisco ios_xe 3.3xo_3.3.2xo
cisco ios_xe 3.11s_3.11.0s
cisco ios_xe 3.3xo_3.3.0xo
cisco ios_xe 3.13s_3.13.0s
samsung x14j_firmware t-ms14jakucb-1102.5
cisco ios_xe 3.5s_3.5.1s
cisco ios_xe 3.12s_3.12.4s
cisco ios_xe 3.12s_3.12.3s
cisco ios_xe 3.14s_3.14.1s
cisco ios_xe 3.3xo_3.3.1xo
cisco ios_xe 3.7s_3.7.7s
cisco ios_xe 3.15s_3.15.2s
cisco ios_xe 3.13s_3.13.2s
CVE-2016-1349 HIGH

The Smart Install client implementation in Cisco IOS 12.2, 15.0, and 15.2 and IOS XE 3.2 through 3.7 allows remote attackers to cause a denial of service (device reload) via crafted image list parameters in a Smart Install packet, aka Bug ID CSCuv45410.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
cisco ios_xe 3.7e_3.7.0e
cisco ios_xe 3.4sg_3.4.4sg
cisco ios_xe 3.7e_3.7.2e
cisco ios_xe 3.3se_3.3.3se
cisco ios_xe 3.6e_3.6.2e
cisco ios_xe 3.6e_3.6.1e
cisco ios_xe 3.3se_3.3.2se
cisco ios_xe 3.4sg_3.4.1sg
cisco ios_xe 3.4sg_3.4.2sg
cisco ios_xe 3.4sg_3.4.3sg
zzinc keymouse_firmware 3.08
cisco ios_xe 3.7e_3.7.1e
cisco ios_xe 3.5e_3.5.3e
cisco ios_xe 3.2se_3.2.2se
cisco ios_xe 3.2se_3.2.1se
cisco ios_xe 3.2se_3.2.3se
cisco ios_xe 3.4sg_3.4.5sg
cisco ios_xe 3.3se_3.3.4se
zyxel gs1900-10hp_firmware *
netgear jr6150_firmware *
cisco ios_xe 3.6e_3.6.2ae
cisco ios_xe 3.3se_3.3.1se
sun opensolaris snv_124
cisco ios_xe 3.5e_3.5.1e
cisco ios_xe 3.6e_3.6.0e
cisco ios_xe 3.4sg_3.4.0sg
intel core_i5-9400f_firmware -
cisco ios_xe 3.5e_3.5.0e
cisco ios_xe 3.5e_3.5.2e
cisco ios_xe 3.2se_3.2.0se
cisco ios_xe 3.3xo_3.3.2xo
cisco ios_xe 3.3xo_3.3.0xo
cisco ios_xe 3.3se_3.3.0se
samsung x14j_firmware t-ms14jakucb-1102.5
cisco ios_xe 3.3se_3.3.5se
cisco ios_xe 3.4sg_3.4.6sg
cisco ios_xe 3.3xo_3.3.1xo
cisco ios_xe 3.2ja_3.2.0ja
CVE-2016-1350 HIGH

Cisco IOS 15.3 and 15.4, Cisco IOS XE 3.8 through 3.11, and Cisco Unified Communications Manager allow remote attackers to cause a denial of service (device reload) via malformed SIP messages, aka Bug ID CSCuj23293.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
zyxel gs1900-10hp_firmware *
cisco ios_xe 3.9.0as
cisco ios_xe 3.10.2s
cisco ios_xe 3.9.0s
cisco ios_xe 3.9.2s
cisco ios_xe 3.11.0s
sun opensolaris snv_124
cisco ios_xe 3.8.0s
cisco ios_xe 3.10.1s
cisco ios_xe 3.8.2s
cisco ios_xe 3.10.0s
cisco ios_xe 3.9.1as
cisco ios_xe 3.9.1s
samsung x14j_firmware t-ms14jakucb-1102.5
cisco ios_xe 3.8.1s
zzinc keymouse_firmware 3.08
lenovo thinkcentre_e75s_firmware *
cisco ios_xe 3.10.1xbs
CVE-2016-1919 LOW

Samsung KNOX 1.0 uses a weak eCryptFS Key generation algorithm, which makes it easier for local users to obtain sensitive information by leveraging knowledge of the TIMA key and a brute-force attack.

CVSS 2.0

Severity: LOW

Problem Type: CWE-200,CWE-310,

Products Affected

Vendor Product Version
samsung knox *
CVE-2016-1920 MEDIUM

Samsung KNOX 1.0.0 uses the shared certificate on Android, which allows local users to conduct man-in-the-middle attacks as demonstrated by installing a certificate and running a VPN service.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-284,

Products Affected

Vendor Product Version
samsung knox 1.0
CVE-2016-2036 LOW

The getURL function in drivers/secfilter/urlparser.c in secfilter in the Samsung kernel for Android on SM-N9005 build N9005XXUGBOB6 (Note 3) and SM-G920F build G920FXXU2COH2 (Galaxy S6) devices allows attackers to trigger a NULL pointer dereference via a "GET HTTP/1.1" request, aka SVE-2016-5036.

CVSS 2.0

Severity: LOW

Problem Type: CWE-476,

Products Affected

Vendor Product Version
samsung galaxy_note_3_firmware n9005xxugbob6
samsung galaxy_s6_firmware g920fxxu2coh2
CVE-2016-2565 LOW

Samsung SecEmailSync on SM-G920F build G920FXXU2COH2 (Galaxy S6) devices allows attackers to read sent e-mail messages, aka SVE-2015-5081.

CVSS 2.0

Severity: LOW

Problem Type: CWE-200,

Products Affected

Vendor Product Version
samsung galaxy_s6_firmware g920fxxu2coh2
CVE-2016-2566 HIGH

Samsung SecEmailSync on SM-G920F build G920FXXU2COH2 (Galaxy S6) devices has SQL injection, aka SVE-2015-5081.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
samsung galaxy_s6_firmware g920fxxu2coh2
CVE-2016-2567 LOW

secfilter in the Samsung kernel for Android on SM-N9005 build N9005XXUGBOB6 (Note 3) and SM-G920F build G920FXXU2COH2 (Galaxy S6) devices allows attackers to bypass URL filtering by inserting an "exceptional URL" in the query string, as demonstrated by the http://should-have-been-filtered.example.com/?http://google.com URL.

CVSS 2.0

Severity: LOW

Problem Type: CWE-20,

Products Affected

Vendor Product Version
samsung galaxy_note_3_firmware n9005xxugbob6
samsung galaxy_s6_firmware g920fxxu2coh2
CVE-2016-3996 MEDIUM

ClipboardDataMgr in Samsung KNOX 1.0.0 and 2.3.0 does not properly check the caller, which allows local users to read KNOX clipboard data via a crafted application.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
samsung knox 1.0
samsung knox 2.3.0
CVE-2016-4030 MEDIUM

Samsung SM-G920F build G920FXXU2COH2 (Galaxy S6), SM-N9005 build N9005XXUGBOK6 (Galaxy Note 3), GT-I9192 build I9192XXUBNB1 (Galaxy S4 mini), GT-I9195 build I9195XXUCOL1 (Galaxy S4 mini LTE), and GT-I9505 build I9505XXUHOJ2 (Galaxy S4) devices have unintended availability of the modem in USB configuration number 2 within the secure lockscreen state, allowing an attacker to make phone calls, send text messages, or issue commands, aka SVE-2016-5301.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-284,

Products Affected

Vendor Product Version
samsung galaxy_s4_firmware i9505xxuhoj2
samsung galaxy_note_3_firmware n9005xxugbob6
samsung galaxy_s4_mini_firmware i9192xxubnb1
samsung galaxy_s4_mini_lte_firmware i9195xxucol1
samsung galaxy_s6_firmware g920fxxu2coh2
CVE-2016-4031 MEDIUM

Samsung SM-G920F build G920FXXU2COH2 (Galaxy S6), SM-N9005 build N9005XXUGBOK6 (Galaxy Note 3), GT-I9192 build I9192XXUBNB1 (Galaxy S4 mini), GT-I9195 build I9195XXUCOL1 (Galaxy S4 mini LTE), and GT-I9505 build I9505XXUHOJ2 (Galaxy S4) devices allow attackers to send AT commands by plugging the device into a Linux host, aka SVE-2016-5301.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-284,

Products Affected

Vendor Product Version
samsung galaxy_s4_firmware i9505xxuhoj2
samsung galaxy_note_3_firmware n9005xxugbob6
samsung galaxy_s4_mini_firmware i9192xxubnb1
samsung galaxy_s4_mini_lte_firmware i9195xxucol1
samsung galaxy_s6_firmware g920fxxu2coh2
CVE-2016-4032 LOW

Samsung SM-G920F build G920FXXU2COH2 (Galaxy S6), SM-N9005 build N9005XXUGBOK6 (Galaxy Note 3), GT-I9192 build I9192XXUBNB1 (Galaxy S4 mini), GT-I9195 build I9195XXUCOL1 (Galaxy S4 mini LTE), and GT-I9505 build I9505XXUHOJ2 (Galaxy S4) devices do not block AT+USBDEBUG and AT+WIFIVALUE, which allows attackers to modify Android settings by leveraging AT access, aka SVE-2016-5301.

CVSS 2.0

Severity: LOW

Problem Type: CWE-284,

Products Affected

Vendor Product Version
samsung galaxy_s4_firmware i9505xxuhoj2
samsung galaxy_note_3_firmware n9005xxugbob6
samsung galaxy_s4_mini_firmware i9192xxubnb1
samsung galaxy_s4_mini_lte_firmware i9195xxucol1
samsung galaxy_s6_firmware g920fxxu2coh2
CVE-2016-4038 HIGH

Array index error in the msm_sensor_config function in kernel/SM-G9008V_CHN_KK_Opensource/Kernel/drivers/media/platform/msm/camera_v2/sensor/msm_sensor.c in Samsung devices with Android KK(4.4) or L and an APQ8084, MSM8974, or MSM8974pro chipset allows local users to have unspecified impact via the gpio_config.gpio_name value.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,

Products Affected

Vendor Product Version
samsung samsung_mobile 5.0
samsung samsung_mobile 4.4
samsung samsung_mobile 5.1
CVE-2016-4546 LOW

Samsung devices with Android KK(4.4) or L(5.0/5.1) allow local users to cause a denial of service (IAndroidShm service crash) via crafted data in a service call.

CVSS 2.0

Severity: LOW

Problem Type: CWE-20,

Products Affected

Vendor Product Version
samsung samsung_mobile 5.0
samsung samsung_mobile 4.4
samsung samsung_mobile 5.1
CVE-2016-4547 MEDIUM

Samsung devices with Android KK(4.4), L(5.0/5.1), or M(6.0) allow attackers to cause a denial of service (system crash) via a crafted system call to TvoutService_C.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
samsung samsung_mobile 6.0
samsung samsung_mobile 5.0
samsung samsung_mobile 4.4
samsung samsung_mobile 5.1
CVE-2016-6526 HIGH

The SpamCall Activity component in Telecom application on Samsung Note device L(5.0/5.1) and M(6.0) allows attackers to cause a denial of service (crash and reboot) or possibly gain privileges via a malformed serializable object.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
samsung samsung_mobile 6.0
samsung samsung_mobile 5.0
samsung samsung_mobile 5.1
CVE-2016-6527 HIGH

The SmartCall Activity component in Telecom application on Samsung Note device L(5.0/5.1) and M(6.0) allows attackers to cause a denial of service (crash and reboot) or possibly gain privileges via a malformed serializable object.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
samsung samsung_mobile 6.0
samsung samsung_mobile 5.0
samsung samsung_mobile 5.1
CVE-2016-6604 HIGH

NULL pointer dereference in Samsung Exynos fimg2d driver for Android L(5.0/5.1) and M(6.0) allows attackers to have unspecified impact via unknown vectors. The Samsung ID is SVE-2016-6382.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-476,

Products Affected

Vendor Product Version
samsung exynos_fimg2d -
CVE-2016-7160 HIGH

A vulnerability on Samsung Mobile M(6.0) devices exists because external access to SystemUI activities is not properly restricted, leading to a SystemUI crash and device restart, aka SVE-2016-6248.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-476,

Products Affected

Vendor Product Version
samsung samsung_mobile 6.0
CVE-2016-9277 HIGH

Integer overflow in SystemUI in KK(4.4) and L(5.0/5.1) on Samsung Note devices allows attackers to cause a denial of service (UI restart) via vectors involving APIs and an activity that computes an out-of-bounds array index, aka SVE-2016-6906.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-190,

Products Affected

Vendor Product Version
samsung samsung_mobile 5.0
samsung samsung_mobile 4.4
samsung samsung_mobile 5.1
CVE-2016-9278 MEDIUM

The Samsung Exynos fimg2d driver for Android with Exynos 5433, 54xx, or 7420 chipsets allows local users to cause a denial of service (kernel panic) via a crafted ioctl command. The Samsung ID is SVE-2016-6736.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
samsung exynos_fimg2d_driver -
CVE-2016-9279 MEDIUM

Use-after-free vulnerability in the Samsung Exynos fimg2d driver for Android with Exynos 5433, 54xx, or 7420 chipsets allows attackers to obtain sensitive information via unspecified vectors. The Samsung ID is SVE-2016-6853.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-416,

Products Affected

Vendor Product Version
samsung exynos_fimg2d_driver -
CVE-2016-9567 MEDIUM

The mDNIe system service on Samsung Mobile S7 devices with M(6.0) software does not properly restrict setmDNIeScreenCurtain API calls, enabling attackers to control a device's screen. This can be exploited via a crafted application to eavesdrop after phone shutdown or record a conversation. The Samsung ID is SVE-2016-6343.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
samsung samsung_mobile 6.0
CVE-2016-9965 HIGH

Lack of appropriate exception handling in some receivers of the Telecom application on Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allows attackers to crash the system easily resulting in a possible DoS attack, or possibly gain privileges. The Samsung ID is SVE-2016-7119.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-388,

Products Affected

Vendor Product Version
samsung samsung_mobile 6.0
samsung samsung_mobile 5.0
samsung samsung_mobile 7.0
samsung samsung_mobile 5.1
CVE-2016-9966 HIGH

Lack of appropriate exception handling in some receivers of the Telecom application on Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allows attackers to crash the system easily resulting in a possible DoS attack, or possibly gain privileges. The Samsung ID is SVE-2016-7120.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-388,

Products Affected

Vendor Product Version
samsung samsung_mobile 6.0
samsung samsung_mobile 5.0
samsung samsung_mobile 7.0
samsung samsung_mobile 5.1
CVE-2016-9967 HIGH

Lack of appropriate exception handling in some receivers of the Telecom application on Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allows attackers to crash the system easily resulting in a possible DoS attack, or possibly gain privileges. The Samsung ID is SVE-2016-7121.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-388,

Products Affected

Vendor Product Version
samsung samsung_mobile 6.0
samsung samsung_mobile 5.0
samsung samsung_mobile 7.0
samsung samsung_mobile 5.1
CVE-2017-10963 MEDIUM

In Knox SDS IAM (Identity Access Management) and EMM (Enterprise Mobility Management) 16.11 on Samsung mobile devices, a man-in-the-middle attacker can install any application into the Knox container (without the user's knowledge) by inspecting network traffic from a Samsung server and injecting content at a certain point in the update sequence. This installed application can further leak information stored inside the Knox container to the outside world.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-74,

Products Affected

Vendor Product Version
samsung knox_identity_access_management 16.11
samsung knox_enterprise_mobility_management 16.11
CVE-2017-14262 HIGH

On Samsung NVR devices, remote attackers can read the MD5 password hash of the 'admin' account via certain szUserName JSON data to cgi-bin/main-cgi, and login to the device with that hash in the szUserPasswd parameter.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-326,

Products Affected

Vendor Product Version
samsung srn_472s_firmware -
samsung srn_470d_firmware -
samsung srn_1000_firmware -
samsung srn_1670d_firmware -
CVE-2017-17692 MEDIUM

Samsung Internet Browser 5.4.02.3 allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via crafted JavaScript code that redirects to a child tab and rewrites the innerHTML property.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
samsung internet_browser 5.4.02.3
CVE-2017-17859 MEDIUM

Samsung Internet Browser 6.2.01.12 allows remote attackers to bypass the Same Origin Policy, and conduct UXSS attacks to obtain sensitive information, via vectors involving an IFRAME element inside XSLT data in one part of an MHTML file. Specifically, JavaScript code in another part of this MHTML file does not have a document.domain value corresponding to the domain that is hosting the MHTML file, but instead has a document.domain value corresponding to an arbitrary URL within the content of the MHTML file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
samsung internet_browser 6.2.01.12
CVE-2017-18020 HIGH

On Samsung mobile devices with L(5.x), M(6.x), and N(7.x) software and Exynos chipsets, attackers can execute arbitrary code in the bootloader because S Boot omits a size check during a copy of ramfs data to memory. The Samsung ID is SVE-2017-10598.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,

Products Affected

Vendor Product Version
samsung samsung_mobile 6.0
samsung samsung_mobile 6.0.1
samsung samsung_mobile 5.0
samsung samsung_mobile 7.1.2
samsung samsung_mobile 7.1
samsung samsung_mobile 5.1.1
samsung samsung_mobile 7.1.1
samsung samsung_mobile 7.0
samsung samsung_mobile 5.1
CVE-2017-18681 HIGH

An issue was discovered on Samsung Galaxy S5 mobile devices with software through 2016-12-20 (Qualcomm AP chipsets). There are multiple buffer overflows in the bootloader. The Samsung ID is SVE-2016-7930 (March 2017).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-120,

Products Affected

Vendor Product Version
samsung galaxy_s5_firmware *
CVE-2017-3218 HIGH

Samsung Magician 5.0 fails to validate TLS certificates for HTTPS software update traffic. Prior to version 5.0, Samsung Magician uses HTTP for software updates.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-295,CWE-311,CWE-345,

Products Affected

Vendor Product Version
samsung magician 5.0
CVE-2017-5217 HIGH

Installing a zero-permission Android application on certain Samsung Android devices with KK(4.4), L(5.0/5.1), and M(6.0) software can continually crash the system_server process in the Android OS. The zero-permission app will create an active install session for a separate app that it has embedded within it. The active install session of the embedded app is performed using the android.content.pm.PackageInstaller class and its nested classes in the Android API. The active install session will write the embedded APK file to the /data/app directory, but the app will not be installed since third-party applications cannot programmatically install apps. Samsung has modified AOSP in order to accelerate the parsing of APKs by introducing the com.android.server.pm.PackagePrefetcher class and its nested classes. These classes will parse the APKs present in the /data/app directory and other directories, even if the app is not actually installed. The embedded APK that was written to the /data/app directory via the active install session has a very large but valid AndroidManifest.xml file. Specifically, the AndroidManifest.xml file contains a very large string value for the name of a permission-tree that it declares. When system_server tries to parse the APK file of the embedded app from the active install session, it will crash due to an uncaught error (i.e., java.lang.OutOfMemoryError) or an uncaught exception (i.e., std::bad_alloc) because of memory constraints. The Samsung Android device will encounter a soft reboot due to a system_server crash, and this action will keep repeating since parsing the APKs in the /data/app directory as performed by the system_server process is part of the normal boot process. The Samsung ID is SVE-2016-6917.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,CWE-119,

Products Affected

Vendor Product Version
samsung samsung_mobile 6.0
samsung samsung_mobile 5.0
samsung samsung_mobile 4.4
samsung samsung_mobile 5.1
CVE-2017-5350 MEDIUM

Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allow attackers to crash systemUI by leveraging incomplete exception handling. The Samsung ID is SVE-2016-7122.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
samsung samsung_mobile 6.0
samsung samsung_mobile 5.0
samsung samsung_mobile 7.0
samsung samsung_mobile 5.1
CVE-2017-5351 HIGH

Samsung Note devices with KK(4.4), L(5.0/5.1), and M(6.0) software allow attackers to crash the system by creating an arbitrarily large number of active VR service threads. The Samsung ID is SVE-2016-7650.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-400,

Products Affected

Vendor Product Version
samsung samsung_mobile 6.0
samsung samsung_mobile 5.0
samsung samsung_mobile 4.4
samsung samsung_mobile 5.1
CVE-2017-5538 HIGH

The kbase_dispatch function in arm/t7xx/r5p0/mali_kbase_core_linux.c in the GPU driver on Samsung devices with M(6.0) and N(7.0) software and Exynos AP chipsets allows attackers to have unspecified impact via unknown vectors, which trigger an out-of-bounds read, aka SVE-2016-6362.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,

Products Affected

Vendor Product Version
samsung samsung_mobile 6.0
samsung samsung_mobile 7.0
CVE-2017-5925 MEDIUM

Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern Intel processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
amd e-350 -
intel atom_c2750 -
amd athlon_ii_640_x4 -
intel core_i7-6700k -
intel core_i7-3632qm -
nvidia tegra_k1_cd570m-a1 -
amd fx-8350_8-core -
amd phenom_9550_4-core -
intel core_i5_m480 -
intel celeron_n2840 -
intel xeon_e3-1240_v5 -
allwinner a64 -
amd fx-8120_8-core -
intel core_i7-2620qm -
intel core_i7_920 -
intel core_i7-4500u -
amd fx-8320_8-core -
samsung exynos_5800 -
intel xeon_e5-2658_v2 -
nvidia tegra_k1_cd580m-a1 -
CVE-2017-5926 MEDIUM

Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern AMD processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
amd e-350 -
intel atom_c2750 -
amd athlon_ii_640_x4 -
intel core_i7-6700k -
intel core_i7-3632qm -
nvidia tegra_k1_cd570m-a1 -
amd fx-8350_8-core -
amd phenom_9550_4-core -
intel core_i5_m480 -
intel celeron_n2840 -
intel xeon_e3-1240_v5 -
allwinner a64 -
amd fx-8120_8-core -
intel core_i7-2620qm -
intel core_i7_920 -
intel core_i7-4500u -
amd fx-8320_8-core -
samsung exynos_5800 -
intel xeon_e5-2658_v2 -
nvidia tegra_k1_cd580m-a1 -
CVE-2017-5927 MEDIUM

Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern ARM processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
amd e-350 -
intel atom_c2750 -
amd athlon_ii_640_x4 -
intel core_i7-6700k -
intel core_i7-3632qm -
nvidia tegra_k1_cd570m-a1 -
amd fx-8350_8-core -
amd phenom_9550_4-core -
intel core_i5_m480 -
intel celeron_n2840 -
intel xeon_e3-1240_v5 -
allwinner a64 -
amd fx-8120_8-core -
intel core_i7-2620qm -
intel core_i7_920 -
intel core_i7-4500u -
amd fx-8320_8-core -
samsung exynos_5800 -
intel xeon_e5-2658_v2 -
nvidia tegra_k1_cd580m-a1 -
CVE-2017-7978 MEDIUM

Samsung Android devices with L(5.0/5.1), M(6.0), and N(7.x) software allow attackers to obtain sensitive information by reading a world-readable log file after an unexpected reboot. The Samsung ID is SVE-2017-8290.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
samsung samsung_mobile 6.0
samsung samsung_mobile 5.0
samsung samsung_mobile 7.1.2
samsung samsung_mobile 7.1
samsung samsung_mobile 7.1.1
samsung samsung_mobile 7.0
samsung samsung_mobile 5.1
CVE-2018-10496 MEDIUM

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung Internet Browser Fixed in version 6.4.0.15. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of TypedArray objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-5326.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-416,CWE-20,

Products Affected

Vendor Product Version
samsung samsung_internet_browser *
CVE-2018-10497 MEDIUM

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Email Fixed in version 5.0.02.16. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of EML files. The issue results from the lack of proper validation of user-supplied data, which can allow arbitrary JavaScript to execute. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the application. Was ZDI-CAN-5328.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,CWE-20,

Products Affected

Vendor Product Version
samsung samsung_email *
CVE-2018-10498 LOW

This vulnerability allows local attackers to disclose sensitive information on vulnerable installations of Samsung Email Fixed in version 5.0.02.16. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of file:/// URIs. The issue lies in the lack of proper validation of user-supplied data, which can allow for reading arbitrary files. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges. Was ZDI-CAN-5329.

CVSS 2.0

Severity: LOW

Problem Type: CWE-37,CWE-200,

Products Affected

Vendor Product Version
samsung samsung_email *
CVE-2018-10499 MEDIUM

This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Samsung Galaxy Apps Fixed in version 6.4.0.15. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of URLs. The issue lies in the lack of proper validation of user-supplied data, which can allow arbitrary JavaScript to execute. An attacker can leverage this vulnerability to install applications under the context of the current user. Was ZDI-CAN-5330.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,CWE-20,

Products Affected

Vendor Product Version
samsung galaxy_apps *
CVE-2018-10500 MEDIUM

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Galaxy Apps Fixed in version 6.4.0.15. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of push messages. The issue lies in the ability to start an activity with controlled arguments. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the application. Was ZDI-CAN-5331.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-284,NVD-CWE-noinfo,

Products Affected

Vendor Product Version
samsung galaxy_apps *
CVE-2018-10501 MEDIUM

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Notes Fixed in version 2.0.02.31. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of ZIP files. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the application. Was ZDI-CAN-5358.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,CWE-22,

Products Affected

Vendor Product Version
samsung notes *
CVE-2018-10502 MEDIUM

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Galaxy Apps Fixed in version 4.2.18.2. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of a staging mode. The issue lies in the ability to change the configuration based on the presence of a file in an user-controlled location. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the application. Was ZDI-CAN-5359.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-269,CWE-20,

Products Affected

Vendor Product Version
samsung galaxy_apps *
CVE-2018-10751 MEDIUM

A malformed OMACP WAP push message can cause memory corruption on a Samsung S7 Edge device when processing the String Extension portion of the WbXml payload. This is due to an integer overflow in memory allocation for this string. The Samsung ID is SVE-2018-11463.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-190,

Products Affected

Vendor Product Version
samsung samsung_mobile 6.0
samsung samsung_mobile 7.1.2
samsung samsung_mobile 7.1
samsung samsung_mobile 7.1.1
samsung samsung_mobile 7.0
CVE-2018-11614 MEDIUM

This vulnerability allows remote attackers to escalate privileges on vulnerable installations of Samsung Members Fixed in version 2.4.25. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of Intents. The issue lies in the ability to send an Intent that would not otherwise be reachable. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the application. Was ZDI-CAN-5361.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-269,NVD-CWE-noinfo,

Products Affected

Vendor Product Version
samsung samsung_members *
CVE-2018-11689 MEDIUM

Web Viewer for Hanwha DVR 2.17 and Smart Viewer in Samsung Web Viewer for Samsung DVR are vulnerable to XSS via the /cgi-bin/webviewer_login_page data3 parameter. (The same Web Viewer codebase was transitioned from Samsung to Hanwha.)

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
hanwha-security hrd-842_firmware *
hanwha-security hrd-440_firmware *
hanwha-security hrd-1641_firmware *
hanwha-security hrd-443_firmware *
hanwha-security hrd-841_firmware *
hanwha-security srd-1694u_firmware *
samsung smartviewer -
hanwha-security hrd-442_firmware *
hanwha-security hrd-1642_firmware *
hanwha-security hrd-840_firmware *
CVE-2018-12037 LOW

An issue was discovered on Samsung 840 EVO and 850 EVO devices (only in "ATA high" mode, not vulnerable in "TCG" or "ATA max" mode), Samsung T3 and T5 portable drives, and Crucial MX100, MX200 and MX300 devices. Absence of a cryptographic link between the password and the Disk Encryption Key allows attackers with privileged access to SSD firmware full access to encrypted data.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
samsung 840_evo_firmware -
micron crucial_mx200_firmware -
samsung 850_evo_firmware -
micron crucial_mx300_firmware -
samsung t3_firmware -
micron crucial_mx100_firmware -
samsung t5_firmware -
CVE-2018-12038 LOW

An issue was discovered on Samsung 840 EVO devices. Vendor-specific commands may allow access to the disk-encryption key.

CVSS 2.0

Severity: LOW

Problem Type: CWE-522,

Products Affected

Vendor Product Version
samsung 840_evo_firmware -
CVE-2018-14318 MEDIUM

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung Galaxy S8 G950FXXU1AQL5. User interaction is required to exploit this vulnerability in that the target must have their cellular radios enabled. The specific flaw exists within the handling of IPCP headers. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length, stack-based buffer. An attacker can leverage this vulnerability to execute code under the context of the baseband processor. Was ZDI-CAN-5368.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-121,CWE-20,

Products Affected

Vendor Product Version
samsung galaxy_s8_firmware g950fxxu1aql5
CVE-2018-14745 MEDIUM

Buffer overflow in prot_get_ring_space in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allows an attacker (who has obtained code execution on the Wi-Fi chip) to overwrite kernel memory due to improper validation of the ring buffer read pointer. The Samsung ID is SVE-2018-12029.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
samsung galaxy_s6_firmware g920fxxu5eqh7
CVE-2018-14852 MEDIUM

Out-of-bounds array access in dhd_rx_frame in drivers/net/wireless/bcmdhd4358/dhd_linux.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allows an attacker (who has obtained code execution on the Wi-Fi chip) to cause invalid accesses to operating system memory due to improper validation of the network interface index provided by the Wi-Fi chip's firmware.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
samsung galaxy_s6_firmware g920fxxu5eqh7
CVE-2018-14853 LOW

A NULL pointer dereference in dhd_prot_txdata_write_flush in drivers/net/wireless/bcmdhd4358/dhd_msgbuf.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allows an attacker (who has obtained code execution on the Wi-Fi chip) to cause the device to reboot. The Samsung ID is SVE-2018-11783.

CVSS 2.0

Severity: LOW

Problem Type: CWE-476,

Products Affected

Vendor Product Version
samsung galaxy_s6_firmware g920fxxu5eqh7
CVE-2018-14854 MEDIUM

Buffer overflow in dhd_bus_flow_ring_delete_response in drivers/net/wireless/bcmdhd4358/dhd_pcie.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allow an attacker (who has obtained code execution on the Wi-Fi chip) to cause the device driver to perform invalid memory accesses. The Samsung ID is SVE-2018-11785.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
samsung galaxy_s6_firmware g920fxxu5eqh7
CVE-2018-14855 MEDIUM

Buffer overflow in dhd_bus_flow_ring_flush_response in drivers/net/wireless/bcmdhd4358/dhd_pcie.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 allow an attacker (who has obtained code execution on the Wi-Fi chip) to cause the device driver to perform invalid memory accesses. The Samsung ID is SVE-2018-11785.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
samsung galaxy_s6_firmware g920fxxu5eqh7
CVE-2018-14856 MEDIUM

Buffer overflow in dhd_bus_flow_ring_create_response in drivers/net/wireless/bcmdhd4358/dhd_pcie.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allow an attacker (who has obtained code execution on the Wi-Fi) chip to cause the device driver to perform invalid memory accesses. The Samsung ID is SVE-2018-11785.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
samsung galaxy_s6_firmware g920fxxu5eqh7
CVE-2018-14904 MEDIUM

Samsung Syncthru Web Service V4.05.61 is vulnerable to Multiple unauthenticated XSS attacks on several parameters, as demonstrated by ruiFw_pid.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
samsung syncthru_web_service 4.05.61
CVE-2018-14908 MEDIUM

Samsung Syncthru Web Service V4.05.61 is vulnerable to CSRF on every request, as demonstrated by sws.application/printinformation/printReportSetupView.sws for a "Print emails sent" action.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
samsung syncthru_web_service 4.05.61
CVE-2018-16269 MEDIUM

The wnoti system service in Samsung Galaxy Gear series allows an unprivileged process to take over the internal notification message data, due to improper D-Bus security policy configurations. This affects Tizen-based firmwares including Samsung Galaxy Gear series before build RE2.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
samsung gear_2_firmware *
samsung gear_fit_2_firmware *
samsung gear_live_firmware *
samsung gear_fit_2_pro_firmware *
samsung gear_s3_firmware *
samsung gear_s2_firmware *
samsung gear_s_firmware *
samsung gear_fit_firmware *
samsung gear_sport_firmware *
samsung galaxy_gear_firmware *
CVE-2018-16270 MEDIUM

Samsung Galaxy Gear series before build RE2 includes the hcidump utility with no privilege or permission restriction. This allows an unprivileged process to dump Bluetooth HCI packets to an arbitrary file path.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-269,

Products Affected

Vendor Product Version
samsung gear_2_firmware *
samsung gear_fit_2_firmware *
samsung gear_live_firmware *
samsung gear_fit_2_pro_firmware *
samsung gear_s3_firmware *
samsung gear_s2_firmware *
samsung gear_s_firmware *
samsung gear_fit_firmware *
samsung gear_sport_firmware *
samsung galaxy_gear_firmware *
CVE-2018-16271 LOW

The wemail_consumer_service (from the built-in application wemail) in Samsung Galaxy Gear series allows an unprivileged process to manipulate a user's mailbox, due to improper D-Bus security policy configurations. An arbitrary email can also be sent from the mailbox via the paired smartphone. This affects Tizen-based firmwares including Samsung Galaxy Gear series before build RE2.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 2.8 3.6

CVSS 2.0

Severity: LOW

Problem Type: CWE-269,

Products Affected

Vendor Product Version
samsung gear_2_firmware *
samsung gear_fit_2_firmware *
samsung gear_live_firmware *
samsung gear_fit_2_pro_firmware *
samsung gear_s3_firmware *
samsung gear_s2_firmware *
samsung gear_s_firmware *
samsung gear_fit_firmware *
samsung gear_sport_firmware *
samsung galaxy_gear_firmware *
CVE-2018-16272 HIGH

The wpa_supplicant system service in Samsung Galaxy Gear series allows an unprivileged process to fully control the Wi-Fi interface, due to the lack of its D-Bus security policy configurations. This affects Tizen-based firmwares including Samsung Galaxy Gear series before build RE2.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-269,

Products Affected

Vendor Product Version
samsung gear_2_firmware *
samsung gear_fit_2_firmware *
samsung gear_live_firmware *
samsung gear_fit_2_pro_firmware *
samsung gear_s3_firmware *
samsung gear_s2_firmware *
samsung gear_s_firmware *
samsung gear_fit_firmware *
samsung gear_sport_firmware *
samsung galaxy_gear_firmware *
CVE-2018-17969 MEDIUM

Samsung SCX-6545X V2.00.03.01 03-23-2012 devices allows remote attackers to discover cleartext credentials via iso.3.6.1.4.1.236.11.5.11.81.10.1.5.0 and iso.3.6.1.4.1.236.11.5.11.81.10.1.6.0 SNMP requests.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-522,

Products Affected

Vendor Product Version
samsung scx-6545x_firmware 2.00.03.01
CVE-2018-20135 MEDIUM

Samsung Galaxy Apps before 4.4.01.7 allows modification of the hostname used for load balancing on installations of applications through a man-in-the-middle attack. An attacker may trick Galaxy Apps into using an arbitrary hostname for which the attacker can provide a valid SSL certificate, and emulate the API of the app store to modify existing apps at installation time. The specific flaw involves an HTTP method to obtain the load-balanced hostname that enforces SSL only after obtaining a hostname from the load balancer, and a missing app signature validation in the application XML. An attacker can exploit this vulnerability to achieve Remote Code Execution on the device. The Samsung ID is SVE-2018-12071.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-295,

Products Affected

Vendor Product Version
samsung galaxy_apps *
CVE-2018-3856 HIGH

An exploitable vulnerability exists in the smart cameras RTSP configuration of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The device incorrectly handles spaces in the URL field, leading to an arbitrary operating system command injection. An attacker can send a series of HTTP requests to trigger this vulnerability.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-88,

Products Affected

Vendor Product Version
samsung sth-eth-250_firmware 0.20.17
CVE-2018-3863 HIGH

On Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17, the video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. An attacker can send an HTTP request to trigger this vulnerability. A strcpy overflows the destination buffer, which has a size of 40 bytes. An attacker can send an arbitrarily long "user" value in order to exploit this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.9 CRITICAL CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H 3.1 6.0

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
samsung sth-eth-250_firmware 0.20.17
CVE-2018-3864 HIGH

An exploitable buffer overflow vulnerability exists in the Samsung WifiScan handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The strcpy overflows the destination buffer, which has a size of 40 bytes. An attacker can send an arbitrarily long "password" value in order to exploit this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-120,

Products Affected

Vendor Product Version
samsung sth-eth-250_firmware 0.20.17
CVE-2018-3865 HIGH

An exploitable buffer overflow vulnerability exists in the Samsung WifiScan handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The strcpy overflows the destination buffer, which has a size of 40 bytes. An attacker can send an arbitrarily long "cameraIp" value in order to exploit this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-120,

Products Affected

Vendor Product Version
samsung sth-eth-250_firmware 0.20.17
CVE-2018-3866 HIGH

An exploitable buffer overflow vulnerability exists in the samsungWifiScan handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. The strcpy at [8] overflows the destination buffer, which has a size of 40 bytes. An attacker can send an arbitrarily long 'callbackUrl' value in order to exploit this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.9 CRITICAL CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H 3.1 6.0

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
samsung sth-eth-250_firmware 0.20.17
CVE-2018-3867 HIGH

An exploitable stack-based buffer overflow vulnerability exists in the samsungWifiScan callback notification of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17. The video-core process incorrectly handles the answer received from a smart camera, leading to a buffer overflow on the stack. An attacker can send a series of HTTP requests to trigger this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.9 CRITICAL CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H 3.1 6.0

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
samsung sth-eth-250_firmware 0.20.17
CVE-2018-3872 HIGH

An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process incorrectly extracts the videoHostUrl field from a user-controlled JSON payload, leading to a buffer overflow on the stack. An attacker can send an HTTP request to trigger this vulnerability.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
samsung sth-eth-250_firmware 0.20.17
CVE-2018-3873 HIGH

An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The strncpy overflows the destination buffer, which has a size of 128 bytes. An attacker can send an arbitrarily long "secretKey" value in order to exploit this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.9 CRITICAL CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H 3.1 6.0

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
samsung sth-eth-250_firmware 0.20.17
CVE-2018-3874 HIGH

An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The strncpy overflows the destination buffer, which has a size of 32 bytes. An attacker can send an arbitrarily long "accessKey" value in order to exploit this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.9 CRITICAL CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H 3.1 6.0

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
samsung sth-eth-250_firmware 0.20.17
CVE-2018-3875 HIGH

An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. The strncpy overflows the destination buffer, which has a size of 2,000 bytes. An attacker can send an arbitrarily long "sessionToken" value in order to exploit this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.9 CRITICAL CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H 3.1 6.0

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
samsung sth-eth-250_firmware 0.20.17
CVE-2018-3876 HIGH

An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The strncpy overflows the destination buffer, which has a size of 64 bytes. An attacker can send an arbitrarily long "bucket" value in order to exploit this vulnerability.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-120,

Products Affected

Vendor Product Version
samsung sth-eth-250_firmware 0.20.17
CVE-2018-3877 HIGH

An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The strncpy overflows the destination buffer, which has a size of 160 bytes. An attacker can send an arbitrarily long "directory" value in order to exploit this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.9 CRITICAL CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H 3.1 6.0

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
samsung sth-eth-250_firmware 0.20.17
CVE-2018-3878 HIGH

Multiple exploitable buffer overflow vulnerabilities exist in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. A strncpy overflows the destination buffer, which has a size of 16 bytes. An attacker can send an arbitrarily long "region" value in order to exploit this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.9 CRITICAL CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H 3.1 6.0

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
samsung sth-eth-250_firmware 0.20.17
CVE-2018-3879 MEDIUM

An exploitable JSON injection vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17. The video-core process incorrectly parses the user-controlled JSON payload, leading to a JSON injection which in turn leads to a SQL injection in the video-core database. An attacker can send a series of HTTP requests to trigger this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-89,

Products Affected

Vendor Product Version
samsung sth-eth-250_firmware 0.20.17
CVE-2018-3880 HIGH

An exploitable stack-based buffer overflow vulnerability exists in the database 'find-by-cameraId' functionality of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process incorrectly handles existing records inside its SQLite database, leading to a buffer overflow on the stack. An attacker can send an HTTP request to trigger this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.9 CRITICAL CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H 3.1 6.0

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
samsung sth-eth-250_firmware 0.20.17
CVE-2018-3893 HIGH

An exploitable buffer overflow vulnerability exists in the /cameras/XXXX/clips handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. An attacker can send an HTTP request to trigger this vulnerability.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
samsung sth-eth-250_firmware 0.20.17
CVE-2018-3894 HIGH

An exploitable buffer overflow vulnerability exists in the /cameras/XXXX/clips handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The strncpy call overflows the destination buffer, which has a size of 52 bytes. An attacker can send an arbitrarily long "startTime" value in order to exploit this vulnerability.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-120,

Products Affected

Vendor Product Version
samsung sth-eth-250_firmware 0.20.17
CVE-2018-3895 HIGH

An exploitable buffer overflow vulnerability exists in the /cameras/XXXX/clips handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 Firmware version 0.20.17. The strncpy call overflows the destination buffer, which has a size of 52 bytes. An attacker can send an arbitrarily long 'endTime' value in order to exploit this vulnerability. An attacker can send an HTTP request to trigger this vulnerability.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-120,

Products Affected

Vendor Product Version
samsung sth-eth-250_firmware 0.20.17
CVE-2018-3896 HIGH

An exploitable buffer overflow vulnerabilities exist in the /cameras/XXXX/clips handler of video-core's HTTP server of Samsung SmartThings Hub with Firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. The strncpy call overflows the destination buffer, which has a size of 52 bytes. An attacker can send an arbitrarily long "correlationId" value in order to exploit this vulnerability.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-120,

Products Affected

Vendor Product Version
samsung sth-eth-250_firmware 0.20.17
CVE-2018-3897 HIGH

An exploitable buffer overflow vulnerabilities exist in the /cameras/XXXX/clips handler of video-core's HTTP server of Samsung SmartThings Hub with Firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. The strncpy call overflows the destination buffer, which has a size of 52 bytes. An attacker can send an arbitrarily long "callbackUrl" value in order to exploit this vulnerability.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-120,

Products Affected

Vendor Product Version
samsung sth-eth-250_firmware 0.20.17
CVE-2018-3902 HIGH

An exploitable buffer overflow vulnerability exists in the camera "replace" feature of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17. The video-core process incorrectly extracts the URL field from a user-controlled JSON payload, leading to a buffer overflow on the stack. An attacker can send an HTTP request to trigger this vulnerability.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
samsung sth-eth-250_firmware 0.20.17
CVE-2018-3903 HIGH

On Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17, the video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. An attacker can send an HTTP request to trigger this vulnerability. The memcpy call overflows the destination buffer, which has a size of 512 bytes. An attacker can send an arbitrarily long "url" value in order to overwrite the saved-PC with 0x42424242.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.9 CRITICAL CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H 3.1 6.0

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
samsung sth-eth-250_firmware 0.20.17
CVE-2018-3904 HIGH

An exploitable buffer overflow vulnerability exists in the camera 'update' feature of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. An attacker can send an HTTP request to trigger this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.9 CRITICAL CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H 3.1 6.0

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
samsung sth-eth-250_firmware 0.20.17
CVE-2018-3905 HIGH

An exploitable buffer overflow vulnerability exists in the camera "create" feature of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17. The video-core process incorrectly extracts the "state" field from a user-controlled JSON payload, leading to a buffer overflow on the stack. An attacker can send an HTTP request to trigger this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.9 CRITICAL CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H 3.1 6.0

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
samsung sth-eth-250_firmware 0.20.17
CVE-2018-3906 HIGH

An exploitable stack-based buffer overflow vulnerability exists in the retrieval of a database field in video-core's HTTP server of Samsung SmartThings Hub. The video-core process insecurely extracts the shard.videoHostURL field from its SQLite database, leading to a buffer overflow on the stack. An attacker can send an HTTP request to trigger this vulnerability.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
samsung sth-eth-250_firmware 0.20.17
CVE-2018-3907 MEDIUM

An exploitable vulnerability exists in the REST parser of video-core's HTTP server of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process incorrectly handles pipelined HTTP requests, which allows successive requests to overwrite the previously parsed HTTP method, 'on_url' callback. An attacker can send an HTTP request to trigger this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 10.0 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:H 3.9 5.8

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-444,

Products Affected

Vendor Product Version
samsung sth-eth-250_firmware 0.20.17
CVE-2018-3908 MEDIUM

An exploitable vulnerability exists in the REST parser of video-core's HTTP server of the Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The video-core process incorrectly handles pipelined HTTP requests, which allows successive requests to overwrite the previously parsed HTTP method, URL and body. With the implementation of the on_body callback, defined by sub_41734, an attacker can send an HTTP request to trigger this vulnerability.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-444,

Products Affected

Vendor Product Version
samsung sth-eth-250_firmware 0.20.17
CVE-2018-3909 MEDIUM

An exploitable vulnerability exists in the REST parser of video-core's HTTP server of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process incorrectly handles pipelined HTTP requests, which allows successive requests to overwrite the previously parsed HTTP method, 'onmessagecomplete' callback. An attacker can send an HTTP request to trigger this vulnerability.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-444,

Products Affected

Vendor Product Version
samsung sth-eth-250_firmware 0.20.17
CVE-2018-3911 MEDIUM

An exploitable HTTP header injection vulnerability exists in the remote servers of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The hubCore process listens on port 39500 and relays any unauthenticated message to SmartThings' remote servers, which insecurely handle JSON messages, leading to partially controlled requests generated toward the internal video-core process. An attacker can send an HTTP request to trigger this vulnerability.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-113,

Products Affected

Vendor Product Version
samsung sth-eth-250_firmware 0.20.17
CVE-2018-3912 MEDIUM

On Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17, the video-core process insecurely extracts the fields from the "shard" table of its SQLite database, leading to a buffer overflow on the stack. The strcpy call overflows the destination buffer, which has a size of 128 bytes. An attacker can send an arbitrarily long "secretKey" value in order to exploit this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
samsung sth-eth-250_firmware 0.20.17
CVE-2018-3913 HIGH

An exploitable stack-based buffer overflow vulnerability exists in the retrieval of database fields in the video-core HTTP server of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The strcpy call overflows the destination buffer, which has a size of 32 bytes. An attacker can send an arbitrarily long "accessKey" value in order to exploit this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.7 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 0.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
samsung sth-eth-250_firmware 0.20.17
CVE-2018-3914 HIGH

An exploitable stack-based buffer overflow vulnerability exists in the retrieval of database fields in the video-core HTTP server of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The strcpy call overflows the destination buffer, which has a size of 2000 bytes. An attacker can send an arbitrarily long "sessionToken" value in order to exploit this vulnerability.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
samsung sth-eth-250_firmware 0.20.17
CVE-2018-3915 HIGH

An exploitable stack-based buffer overflow vulnerability exists in the retrieval of database fields in the video-core HTTP server of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The strcpy call overflows the destination buffer, which has a size of 64 bytes. An attacker can send an arbitrarily long "bucket" value in order to exploit this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.2 HIGH CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H 1.5 6.0

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
samsung sth-eth-250_firmware 0.20.17
CVE-2018-3916 HIGH

An exploitable stack-based buffer overflow vulnerability exists in the retrieval of database fields in the video-core HTTP server of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The strcpy call overflows the destination buffer, which has a size of 136 bytes. An attacker can send an arbitrarily long 'directory' value in order to exploit this vulnerability. An attacker can send an HTTP request to trigger this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
samsung sth-eth-250_firmware 0.20.17
CVE-2018-3917 HIGH

On Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17, the video-core process insecurely extracts the fields from the "shard" table of its SQLite database, leading to a buffer overflow on the stack. An attacker can send an HTTP request to trigger this vulnerability. The strcpy call overflows the destination buffer, which has a size of 16 bytes. An attacker can send an arbitrarily long "region" value in order to exploit this vulnerability.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
samsung sth-eth-250_firmware 0.20.17
CVE-2018-3918 MEDIUM

An exploitable vulnerability exists in the remote servers of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The hubCore process listens on port 39500 and relays any unauthenticated messages to SmartThings' remote servers, which incorrectly handle camera IDs for the 'sync' operation, leading to arbitrary deletion of cameras. An attacker can send an HTTP request to trigger this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-707,

Products Affected

Vendor Product Version
samsung sth-eth-250_firmware 0.20.17
CVE-2018-3919 HIGH

An exploitable stack-based buffer overflow vulnerability exists in the retrieval of database fields in video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17. The video-core process insecurely extracts the fields from the "clips" table of its SQLite database, leading to a buffer overflow on the stack. An attacker can send a series of HTTP requests to trigger this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.9 CRITICAL CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H 3.1 6.0

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
samsung sth-eth-250_firmware 0.20.17
CVE-2018-3925 HIGH

An exploitable buffer overflow vulnerability exists in the remote video-host communication of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17. The video-core process insecurely parses the AWSELB cookie while communicating with remote video-host servers, leading to a buffer overflow on the heap. An attacker able to impersonate the remote HTTP servers could trigger this vulnerability.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
samsung sth-eth-250_firmware 0.20.17
CVE-2018-3926 MEDIUM

An exploitable integer underflow vulnerability exists in the ZigBee firmware update routine of the hubCore binary of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The hubCore process incorrectly handles malformed files existing in its data directory, leading to an infinite loop, which eventually causes the process to crash. An attacker can send an HTTP request to trigger this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 1.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-191,

Products Affected

Vendor Product Version
samsung sth-eth-250_firmware 0.20.17
CVE-2018-3927 MEDIUM

An exploitable information disclosure vulnerability exists in the crash handler of the hubCore binary of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. When hubCore crashes, Google Breakpad is used to record minidumps, which are sent over an insecure HTTPS connection to the backtrace.io service, leading to the exposure of sensitive data. An attacker can impersonate the remote backtrace.io server in order to trigger this vulnerability.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-295,

Products Affected

Vendor Product Version
samsung sth-eth-250_firmware 0.20.17
CVE-2018-5210 HIGH

On Samsung mobile devices with N(7.x) software and Exynos chipsets, attackers can conduct a Trustlet stack overflow attack for arbitrary TEE code execution, in conjunction with a brute-force attack to discover unlock information (PIN, password, or pattern). The Samsung ID is SVE-2017-10733.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
samsung samsung_mobile 7.1.2
samsung samsung_mobile 7.1
samsung samsung_mobile 7.1.1
samsung samsung_mobile 7.0
CVE-2018-6019 MEDIUM

Samsung Display Solutions App before 3.02 for Android allows man-in-the-middle attackers to spoof B2B content by leveraging failure to use encryption during information transmission.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-319,

Products Affected

Vendor Product Version
samsung display_solutions *
CVE-2018-9139 HIGH

On Samsung mobile devices with N(7.x) software, a buffer overflow in the vision service allows code execution in a privileged process via a large frame size, aka SVE-2017-11165.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
samsung samsung_mobile 7.1.2
samsung samsung_mobile 7.1
samsung samsung_mobile 7.1.1
samsung samsung_mobile 7.0
CVE-2018-9140 MEDIUM

On Samsung mobile devices with M(6.0) software, the Email application allows XSS via an event attribute and arbitrary file loading via a src attribute, aka SVE-2017-10747.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
samsung samsung_mobile 6.0
CVE-2018-9141 HIGH

On Samsung mobile devices with L(5.x), M(6.0), and N(7.x) software, Gallery allows remote attackers to execute arbitrary code via a BMP file with a crafted resolution, aka SVE-2017-11105.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,

Products Affected

Vendor Product Version
samsung samsung_mobile 6.0
samsung samsung_mobile 5.0
samsung samsung_mobile 7.1.2
samsung samsung_mobile 7.1
samsung samsung_mobile 7.1.1
samsung samsung_mobile 7.0
samsung samsung_mobile 5.1
CVE-2018-9142 HIGH

On Samsung mobile devices with N(7.x) software, attackers can install an arbitrary APK in the Secure Folder SD Card area because of faulty validation of a package signature and package name, aka SVE-2017-10932.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,

Products Affected

Vendor Product Version
samsung samsung_mobile 7.1.2
samsung samsung_mobile 7.1
samsung samsung_mobile 7.1.1
samsung samsung_mobile 7.0
CVE-2018-9143 HIGH

On Samsung mobile devices with M(6.0) and N(7.x) software, a heap overflow in the sensorhub binder service leads to code execution in a privileged process, aka SVE-2017-10991.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
samsung samsung_mobile 6.0
samsung samsung_mobile 7.1.2
samsung samsung_mobile 7.1
samsung samsung_mobile 7.1.1
samsung samsung_mobile 7.0
CVE-2019-12087 MEDIUM

Samsung S9+, S10, and XCover 4 P(9.0) devices can become temporarily inoperable because of an unprotected intent in the ContainerAgent application. For example, the victim becomes stuck in a launcher with their Secure Folder locked. NOTE: the researcher mentions "the Samsung Security Team considered this issue as no/little security impact.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-399,

Products Affected

Vendor Product Version
samsung s9+_firmware -
samsung xcover_4_firmware -
samsung s10_firmware -
CVE-2019-12315 MEDIUM

Samsung SCX-824 printers allow a reflected Cross-Site-Scripting (XSS) vulnerability that can be triggered by using the "print from file" feature, as demonstrated by the sws/swsAlert.sws?popupid=successMsg msg parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
samsung scx-824_firmware -
CVE-2019-12762 LOW

Xiaomi Mi 5s Plus devices allow attackers to trigger touchscreen anomalies via a radio signal between 198 kHz and 203 kHz, as demonstrated by a transmitter and antenna hidden just beneath the surface of a coffee-shop table, aka Ghost Touch.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.2 MEDIUM CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N 0.5 3.6

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
google nexus_7_firmware -
sony xperia_z4_firmware -
sharp aquos_zeta_sh-04f_firmware -
fujitsu arrows_nx_f05-f_firmware -
samsung galaxy_s4_firmware -
mi mi_5s_plus_firmware -
google nexus_9_firmware -
samsung galaxy_s6_edge_firmware -
CVE-2019-15433 MEDIUM

The Samsung A3 Android device with a build fingerprint of samsung/a3y17ltedx/a3y17lte:8.0.0/R16NW/A320YDXU4CSB3:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
samsung galaxy_a3_firmware -
CVE-2019-15434 MEDIUM

The Samsung A5 Android device with a build fingerprint of samsung/a5y17ltexx/a5y17lte:8.0.0/R16NW/A520FXXS8CSC5:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
samsung galaxy_a5_firmware -
CVE-2019-15435 MEDIUM

The Samsung A7 Android device with a build fingerprint of samsung/a7y17ltexx/a7y17lte:8.0.0/R16NW/A720FXXU7CSC2:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
samsung galaxy_a7_firmware -
CVE-2019-15436 MEDIUM

The Samsung A8+ Android device with a build fingerprint of samsung/jackpot2ltexx/jackpot2lte:8.0.0/R16NW/A730FXXS4BSC2:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
samsung galaxy_a8+_firmware -
CVE-2019-15437 MEDIUM

The Samsung XCover4 Android device with a build fingerprint of samsung/xcover4ltexx/xcover4lte:8.1.0/M1AJQ/G390FXXU3BSA2:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
samsung galaxy_xcover4_firmware -
CVE-2019-15438 MEDIUM

The Samsung XCover4 Android device with a build fingerprint of samsung/xcover4ltedo/xcover4lte:8.1.0/M1AJQ/G390YDXU2BSA1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
samsung galaxy_xcover4_firmware -
CVE-2019-15439 MEDIUM

The Samsung XCover4 Android device with a build fingerprint of samsung/xcover4ltedo/xcover4lte:8.1.0/M1AJQ/G390YDXU2BSA1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
samsung galaxy_xcover4_firmware -
CVE-2019-15440 MEDIUM

The Samsung J5 Android device with a build fingerprint of samsung/on5xeltedx/on5xelte:8.0.0/R16NW/G570YDXU2CRL1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=6010000, versionName=6.1.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
samsung galaxy_j5_firmware -
CVE-2019-15441 MEDIUM

The Samsung on7xeltelgt Android device with a build fingerprint of samsung/on7xeltelgt/on7xeltelgt:8.1.0/M1AJQ/G610LKLU2CSB1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
samsung on_7_firmware -
CVE-2019-15442 HIGH

The Samsung on7xelteskt Android device with a build fingerprint of samsung/on7xelteskt/on7xelteskt:8.1.0/M1AJQ/G610SKSU2CSB1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
samsung on_7_firmware -
CVE-2019-15443 MEDIUM

The Samsung J7 Max Android device with a build fingerprint of samsung/j7maxlteins/j7maxlte:8.1.0/M1AJQ/G615FXXU2BSB1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
samsung galaxy_j7_max_firmware -
CVE-2019-15444 MEDIUM

The Samsung S7 Android device with a build fingerprint of samsung/heroltexx/herolte:8.0.0/R16NW/G930FXXS4ESC3:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
samsung galaxy_s7_firmware -
CVE-2019-15445 MEDIUM

The Samsung S7 Android device with a build fingerprint of samsung/heroltexx/herolte:8.0.0/R16NW/G930FXXS4ESC3:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
samsung galaxy_s7_firmware -
CVE-2019-15446 MEDIUM

The Samsung S7 Android device with a build fingerprint of samsung/heroltexx/herolte:8.0.0/R16NW/G930FXXU3ESAC:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
samsung galaxy_s7_firmware -
CVE-2019-15447 MEDIUM

The Samsung S7 Edge Android device with a build fingerprint of samsung/hero2ltexx/hero2lte:8.0.0/R16NW/G935FXXS4ESC3:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
samsung galaxy_s7_edge_firmware -
CVE-2019-15448 MEDIUM

The Samsung S7 Edge Android device with a build fingerprint of samsung/hero2ltexx/hero2lte:8.0.0/R16NW/G935FXXS4ESC3:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
samsung galaxy_s7_edge_firmware -
CVE-2019-15449 MEDIUM

The Samsung S7 Edge Android device with a build fingerprint of samsung/hero2ltexx/hero2lte:8.0.0/R16NW/G935FXXS4ESC3:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
samsung galaxy_s7_edge_firmware -
CVE-2019-15450 HIGH

The Samsung j3popeltecan Android device with a build fingerprint of samsung/j3popeltevl/j3popeltecan:8.1.0/M1AJQ/J327WVLS3BSA2:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
samsung galaxy_j3_pop_firmware -
CVE-2019-15451 MEDIUM

The Samsung J3 Android device with a build fingerprint of samsung/j3y17ltedx/j3y17lte:8.0.0/R16NW/J330GDXS3BSC1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=6010000, versionName=6.1.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
samsung galaxy_j3_firmware -
CVE-2019-15452 MEDIUM

The Samsung J3 Android device with a build fingerprint of samsung/j3y17ltedx/j3y17lte:8.0.0/R16NW/J330GDXS3BSC1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=6010000, versionName=6.1.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
samsung galaxy_j3_firmware -
CVE-2019-15453 MEDIUM

The Samsung J4 Android device with a build fingerprint of samsung/j4lteub/j4lte:8.0.0/R16NW/J400MUBS2ASC2:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
samsung galaxy_j4_firmware -
CVE-2019-15454 MEDIUM

The Samsung J4 Android device with a build fingerprint of samsung/j4lteub/j4lte:8.0.0/R16NW/J400MUBU2ARL4:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
samsung galaxy_j4_firmware -
CVE-2019-15455 MEDIUM

The Samsung J5 Android device with a build fingerprint of samsung/j5y17ltexx/j5y17lte:8.1.0/M1AJQ/J530FXXU3BRL1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
samsung galaxy_j5_firmware -
CVE-2019-15456 MEDIUM

The Samsung J6 Android device with a build fingerprint of samsung/j6ltexx/j6lte:8.0.0/R16NW/J600FNXXU3ASC1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
samsung galaxy_j6_firmware -
CVE-2019-15457 MEDIUM

The Samsung J6 Android device with a build fingerprint of samsung/j6ltexx/j6lte:8.0.0/R16NW/J600FNXXU3ASC1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
samsung galaxy_j6_firmware -
CVE-2019-15458 MEDIUM

The Samsung J7 Neo Android device with a build fingerprint of samsung/j7veltedx/j7velte:8.1.0/M1AJQ/J701FXXS6BSC1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
samsung galaxy_j7_neo_firmware -
CVE-2019-15459 MEDIUM

The Samsung J7 Neo Android device with a build fingerprint of samsung/j7velteub/j7velte:8.1.0/M1AJQ/J701MUBS6BSB3:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
samsung galaxy_j7_neo_firmware -
CVE-2019-15460 MEDIUM

The Samsung J7 Neo Android device with a build fingerprint of samsung/j7veltedx/j7velte:8.1.0/M1AJQ/J701FXVS6BSC1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
samsung galaxy_j7_neo_firmware -
CVE-2019-15461 MEDIUM

The Samsung J7 Neo Android device with a build fingerprint of samsung/j7velteub/j7velte:8.1.0/M1AJQ/J701MUBS6BSB4:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
samsung galaxy_j7_neo_firmware -
CVE-2019-15462 MEDIUM

The Samsung J7 Duo Android device with a build fingerprint of samsung/j7duolteub/j7duolte:8.0.0/R16NW/J720MUBS3ASB2:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
samsung galaxy_j7_duo_firmware -
CVE-2019-15463 MEDIUM

The Samsung j7popeltemtr Android device with a build fingerprint of samsung/j7popeltemtr/j7popeltemtr:8.1.0/M1AJQ/J727T1UVS5BSC2:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
samsung galaxy_j7_prime_firmware -
CVE-2019-15464 MEDIUM

The Samsung J7 Pro Android device with a build fingerprint of samsung/j7y17lteub/j7y17lte:8.1.0/M1AJQ/J730GUBS6BSC1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
samsung galaxy_j7_pro_firmware -
CVE-2019-15465 MEDIUM

The Samsung J7 Pro Android device with a build fingerprint of samsung/j7y17lteubm/j7y17lte:8.1.0/M1AJQ/J730GMUBS6BSC1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
samsung galaxy_j7_pro_firmware -
CVE-2019-16253 HIGH

The Text-to-speech Engine (aka SamsungTTS) application before 3.0.02.7 and 3.0.00.101 for Android allows a local attacker to escalate privileges, e.g., to system privileges. The Samsung case ID is 101755.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
samsung text-to-speech *
CVE-2019-16256 HIGH

Some Samsung devices include the SIMalliance Toolbox Browser (aka S@T Browser) on the UICC, which might allow remote attackers to retrieve location and IMEI information, or retrieve other data or execute certain commands, via SIM Toolkit (STK) instructions in an SMS message, aka Simjacker.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
samsung samsung_firmware -
trustedconnectivityalliance s@t_browser -
CVE-2019-16400 LOW

Samsung Galaxy S8 plus (Android version: 8.0.0, Build Number: R16NW.G955USQU5CRG3, Baseband Vendor: Qualcomm Snapdragon 835, Baseband: G955USQU5CRG3), Samsung Galaxy S3 (Android version: 4.3, Build Number: JSS15J.I9300XXUGND5, Baseband Vendor: Samsung Exynos 4412, Baseband: I9300XXUGNA8), and Samsung Galaxy Note 2 (Android version: 4.3, Build Number: JSS15J.I9300XUGND5, Baseband Vendor: Samsung Exynos 4412, Baseband: N7100DDUFND1) devices allow attackers to send AT commands over Bluetooth, resulting in several Denial of Service (DoS) attacks.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 2.8 3.6

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
samsung galaxy_note_2_firmware -
samsung galaxy_s8_plus_firmware -
samsung galaxy_s3_firmware -
CVE-2019-16401 LOW

Samsung Galaxy S8 plus (Android version: 8.0.0, Build Number: R16NW.G955USQU5CRG3, Baseband Vendor: Qualcomm Snapdragon 835, Baseband: G955USQU5CRG3), Samsung Galaxy S3 (Android version: 4.3, Build Number: JSS15J.I9300XXUGND5, Baseband Vendor: Samsung Exynos 4412, Baseband: I9300XXUGNA8), and Samsung Galaxy Note 2 (Android version: 4.3, Build Number: JSS15J.I9300XUGND5, Baseband Vendor: Samsung Exynos 4412, Baseband: N7100DDUFND1) devices allow injection of AT+CIMI and AT+CGSN over Bluetooth, leaking sensitive information such as IMSI, IMEI, call status, call setup stage, internet service status, signal strength, current roaming status, battery level, and call held status.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 2.8 3.6

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
samsung galaxy_note_2_firmware -
samsung galaxy_s8_plus_firmware -
samsung galaxy_s3_firmware -
CVE-2019-17668 MEDIUM

Samsung Galaxy S10 and Note10 devices allow unlock operations via unregistered fingerprints in certain situations involving a third-party screen protector.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.8 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 0.9 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
samsung note_10_firmware -
samsung galaxy_s10_firmware -
CVE-2019-19273 HIGH

On Samsung mobile devices with O(8.0) and P(9.0) software and an Exynos 8895 chipset, RKP (aka the Samsung Hypervisor EL2 implementation) allows arbitrary memory write operations. The Samsung ID is SVE-2019-16265.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
google android 8.0
google android 9.0
samsung exynos_8895 -
CVE-2019-20451 HIGH

The HTTP API in Prismview System 9 11.10.17.00 and Prismview Player 11 13.09.1100 allows remote code execution by uploading RebootSystem.lnk and requesting /REBOOTSYSTEM or /RESTARTVNC. (Authentication is required but an XML file containing credentials can be downloaded.)

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-434,

Products Affected

Vendor Product Version
samsung prismview_player_11 13.09.1100
samsung prismview_system_9 11.10.17.00
CVE-2019-20564 MEDIUM

An issue was discovered on Samsung mobile devices with any (before October 2019 for S9 or Note9) software. Attackers can manipulate the IMEI. The Samsung ID is SVE-2019-15435 (October 2019).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
samsung note9 -
samsung s9 -
CVE-2019-20566 HIGH

An issue was discovered on Samsung mobile devices with any (before September 2019 for SMP1300 Exynos modem chipsets) software. Attackers can trigger stack corruption in the Shannon modem via a crafted RP-Originator/Destination address. The Samsung ID is SVE-2019-14858 (September 2019).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
samsung exynos_smp1300 -
CVE-2019-6740 MEDIUM

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung Galaxy S9 prior to January 2019 Security Update (SMR-JAN-2019 - SVE-2018-13467). User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the ASN.1 parser. When parsing ASN.1 strings, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-7472.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-122,CWE-787,

Products Affected

Vendor Product Version
samsung galaxy_s9_firmware *
CVE-2019-6741 MEDIUM

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung Galaxy S9 prior to January 2019 Security Update (SMR-JAN-2019 - SVE-2018-13467). User interaction is required to exploit this vulnerability in that the target must connect to a wireless network. The specific flaw exists within the captive portal. By manipulating HTML, an attacker can force a page redirection. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-7476.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.3 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N 2.8 5.8

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-601,CWE-601,

Products Affected

Vendor Product Version
samsung galaxy_s9_firmware *
CVE-2019-6742 HIGH

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung Galaxy S9 prior to 1.4.20.2. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the GameServiceReceiver update mechanism. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-7477.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-358,NVD-CWE-noinfo,

Products Affected

Vendor Product Version
samsung galaxy_s9_firmware *
CVE-2019-6744 LOW

This vulnerability allows local attackers to disclose sensitive information on affected installations of Samsung Knox 1.2.02.39 on Samsung Galaxy S9 build G9600ZHS3ARL1 Secure Folder. An attacker must first obtain physical access to the device in order to exploit this vulnerability. The specific flaws exists within the the handling of the lock screen for Secure Folder. The issue results from the lack of proper validation that a user has correctly authenticated. An attacker can leverage this vulnerability to disclose the contents of the secure container. Was ZDI-CAN-7381.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 0.7 3.6

CVSS 2.0

Severity: LOW

Problem Type: CWE-284,CWE-287,

Products Affected

Vendor Product Version
samsung knox 1.2.02.39
CVE-2019-7418 MEDIUM

XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05.25_08-21-2015 in "/sws/swsAlert.sws" in multiple parameters: flag, frame, func, and Nfunc.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
samsung x7400gx_firmware 6.a6.25
samsung syncthru_web_service -
CVE-2019-7419 MEDIUM

XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05.25_08-21-2015 in "/sws/leftmenu.sws" in multiple parameters: ruiFw_id, ruiFw_pid, ruiFw_title.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
samsung x7400gx_firmware 6.a6.25
samsung syncthru_web_service -
CVE-2019-7420 MEDIUM

XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05.25_08-21-2015 in "/sws.application/information/networkinformationView.sws" in the tabName parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
samsung x7400gx_firmware 6.a6.25
samsung syncthru_web_service -
CVE-2019-7421 MEDIUM

XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05.25_08-21-2015 in "/sws.login/gnb/loginView.sws" in multiple parameters: contextpath and basedURL.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
samsung x7400gx_firmware 6.a6.25
samsung syncthru_web_service -
CVE-2020-10255 HIGH

Modern DRAM chips (DDR4 and LPDDR4 after 2015) are affected by a vulnerability in deployment of internal mitigations against RowHammer attacks known as Target Row Refresh (TRR), aka the TRRespass issue. To exploit this vulnerability, the attacker needs to create certain access patterns to trigger bit flips on affected memory modules, aka a Many-sided RowHammer attack. This means that, even when chips advertised as RowHammer-free are used, attackers may still be able to conduct privilege-escalation attacks against the kernel, conduct privilege-escalation attacks against the Sudo binary, and achieve cross-tenant virtual-machine access by corrupting RSA keys. The issue affects chips produced by SK Hynix, Micron, and Samsung. NOTE: tracking DRAM supply-chain issues is not straightforward because a single product model from a single vendor may use DRAM chips from different manufacturers.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.0 CRITICAL CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H 2.2 6.0

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,

Products Affected

Vendor Product Version
skhynix lpddr4 -
samsung lpddr4 -
micron lpddr4 -
skhynix ddr4_sdram -
micron ddr4_sdram -
samsung ddr4 -
CVE-2020-10835 HIGH

An issue was discovered on Samsung mobile devices with any (before February 2020 for Exynos modem chipsets) software. There is a buffer overflow in baseband CP message decoding. The Samsung IDs are SVE-2019-15816 and SVE-2019-15817 (February 2020).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-120,

Products Affected

Vendor Product Version
samsung exynos -
CVE-2020-22181

A reflected cross site scripting (XSS) vulnerability was discovered on Samsung sww-3400rw Router devices via the m2 parameter of the sess-bin/command.cgi

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

Products Affected

Vendor Product Version
samsung sww-3400rw_firmware -
CVE-2020-25054 MEDIUM

An issue was discovered on Samsung mobile devices with software through 2020-04-02 (Exynos modem chipsets). There is a heap-based buffer over-read in the Shannon baseband. The Samsung ID is SVE-2020-17239 (August 2020).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.1 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H 3.9 5.2

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
samsung exynos -
CVE-2020-26144 LOW

An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext A-MSDU frames as long as the first 8 bytes correspond to a valid RFC1042 (i.e., LLC/SNAP) header for EAPOL. An adversary can abuse this to inject arbitrary network packets independent of the network configuration.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 2.8 3.6

CVSS 2.0

Severity: LOW

Problem Type: CWE-20,

Products Affected

Vendor Product Version
arista o-105_firmware *
arista c-260_firmware *
arista c-230_firmware *
arista w-118_firmware *
arista c-235_firmware *
arista c-120_firmware *
arista c-75_firmware -
arista c-250_firmware *
siemens scalance_w700_ieee_802.11n_firmware *
arista o-90_firmware -
siemens scalance_w700_ieee_802.11ax_firmware *
arista c-110_firmware *
arista c-130_firmware *
arista c-200_firmware *
arista w-68_firmware -
arista c-65_firmware -
arista c-100_firmware *
samsung galaxy_i9305_firmware 4.4.4
CVE-2020-26145 LOW

An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept second (or subsequent) broadcast fragments even when sent in plaintext and process them as full unfragmented frames. An adversary can abuse this to inject arbitrary network packets independent of the network configuration.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 2.8 3.6

CVSS 2.0

Severity: LOW

Problem Type: CWE-20,

Products Affected

Vendor Product Version
siemens 6gk5763-1al00-3aa0_firmware *
siemens 6gk5766-1je00-7ta0_firmware *
siemens 6gk5763-1al00-7da0_firmware *
siemens 6gk5766-1ge00-7ta0_firmware *
siemens 6gk5766-1je00-7da0_firmware *
siemens 6gk5766-1je00-3da0_firmware *
siemens 6gk5766-1ge00-3db0_firmware *
siemens 6gk5766-1ge00-3da0_firmware *
siemens 6gk5766-1ge00-7db0_firmware *
siemens 6gk5766-1ge00-7tb0_firmware *
siemens 6gk5766-1ge00-7da0_firmware *
siemens 6gk5763-1al00-3da0_firmware *
samsung galaxy_i9305_firmware 4.4.4
CVE-2020-26146 LOW

An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WPA, WPA2, and WPA3 implementations reassemble fragments with non-consecutive packet numbers. An adversary can abuse this to exfiltrate selected fragments. This vulnerability is exploitable when another device sends fragmented frames and the WEP, CCMP, or GCMP data-confidentiality protocol is used. Note that WEP is vulnerable to this attack by design.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N 1.6 3.6

CVSS 2.0

Severity: LOW

Problem Type: CWE-20,

Products Affected

Vendor Product Version
arista o-105_firmware *
arista c-260_firmware *
arista c-230_firmware *
arista w-118_firmware *
arista c-235_firmware *
arista c-120_firmware *
arista c-75_firmware -
arista c-250_firmware *
siemens scalance_w700_ieee_802.11n_firmware *
arista o-90_firmware -
arista c-110_firmware *
arista c-130_firmware *
siemens scalance_w1750d_firmware *
arista c-200_firmware *
arista w-68_firmware -
arista c-65_firmware -
arista c-100_firmware *
siemens scalance_w1700_ieee_802.11ac_firmware *
samsung galaxy_i9305_firmware 4.4.4
CVE-2020-7811 MEDIUM

Samsung Update 3.0.2.0 ~ 3.0.32.0 has a vulnerability that allows privilege escalation as commands crafted by attacker are executed while the engine deserializes the data received during inter-process communication

CVSS 3.x

Source Score Severity Vector Exploitability Impact
vuln@krcert.or.kr 6.2 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 2.5 3.6
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-502,CWE-502,

Products Affected

Vendor Product Version
samsung update *
CVE-2020-9061 LOW

Z-Wave devices using Silicon Labs 500 and 700 series chipsets, including but not likely limited to the SiLabs UZB-7 version 7.00, ZooZ ZST10 version 6.04, Aeon Labs ZW090-A version 3.95, and Samsung STH-ETH-200 version 6.04, are susceptible to denial of service via malformed routing messages.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 2.8 3.6

CVSS 2.0

Severity: LOW

Problem Type: CWE-285,NVD-CWE-noinfo,

Products Affected

Vendor Product Version
silabs 500_series_firmware *
aeotec zw090-a 3.95
samsung sth-eth-200 6.04
zooz zst10 6.04
silabs 700_series_firmware -
silabs uzb-7 7.00
CVE-2021-22684 MEDIUM

Tizen RT RTOS version 3.0.GBB is vulnerable to integer wrap-around in functions_calloc and mm_zalloc. This improper memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-190,

Products Affected

Vendor Product Version
samsung tizenrt *
CVE-2021-25331 LOW

Improper access control in Samsung Pay mini application prior to v4.0.14 allows unauthorized access to balance information over the lockscreen in specific condition.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 2.4 LOW CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 0.9 1.4
mobile.security@samsung.com 3.2 LOW CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L 0.7 2.5

CVSS 2.0

Severity: LOW

Problem Type: CWE-200,CWE-200,

Products Affected

Vendor Product Version
samsung pay_mini *
CVE-2021-25332 LOW

Improper access control in Samsung Pay mini application prior to v4.0.14 allows unauthorized access to contacts information over the lockscreen in specific condition.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 2.4 LOW CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 0.9 1.4
mobile.security@samsung.com 3.2 LOW CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L 0.7 2.5

CVSS 2.0

Severity: LOW

Problem Type: CWE-200,CWE-200,

Products Affected

Vendor Product Version
samsung pay_mini *
CVE-2021-25333 LOW

Improper access control in Samsung Pay mini application prior to v4.0.14 allows unauthorized access to balance information over the lockscreen via scanning specific QR code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 3.2 LOW CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L 0.7 2.5
nvd@nist.gov 2.4 LOW CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 0.9 1.4

CVSS 2.0

Severity: LOW

Problem Type: CWE-200,CWE-200,

Products Affected

Vendor Product Version
samsung pay_mini *
CVE-2021-25335 LOW

Improper lockscreen status check in cocktailbar service in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows unauthenticated users to access hidden notification contents over the lockscreen in specific condition.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 2.5 LOW CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N 1.0 1.4
nvd@nist.gov 2.5 LOW CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N 1.0 1.4

CVSS 2.0

Severity: LOW

Problem Type: CWE-703,NVD-CWE-noinfo,

Products Affected

Vendor Product Version
samsung one_ui 2.5
google android 10.0
CVE-2021-25341 LOW

Calling of non-existent provider in S Assistant prior to version 6.5.01.22 allows unauthorized actions including denial of service attack by hijacking the provider.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L 1.8 1.4
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 2.5 1.4

CVSS 2.0

Severity: LOW

Problem Type: CWE-287,CWE-287,

Products Affected

Vendor Product Version
samsung s_assistant *
CVE-2021-25342 LOW

Calling of non-existent provider in SMP sdk prior to version 3.0.9 allows unauthorized actions including denial of service attack by hijacking the provider.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L 1.8 1.4
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 2.5 1.4

CVSS 2.0

Severity: LOW

Problem Type: CWE-287,CWE-287,

Products Affected

Vendor Product Version
samsung members *
CVE-2021-25343 LOW

Calling of non-existent provider in Samsung Members prior to version 2.4.81.13 (in Android O(8.1) and below) and 3.8.00.13 (in Android P(9.0) and above) allows unauthorized actions including denial of service attack by hijacking the provider.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L 1.8 1.4
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 2.5 1.4

CVSS 2.0

Severity: LOW

Problem Type: CWE-287,CWE-287,

Products Affected

Vendor Product Version
samsung members *
CVE-2021-25348 LOW

Improper permission grant check in Samsung Internet prior to version 13.0.1.60 allows access to files in internal storage without authorized STORAGE permission.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 2.1 LOW CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N 0.7 1.4
nvd@nist.gov 2.4 LOW CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 0.9 1.4

CVSS 2.0

Severity: LOW

Problem Type: CWE-703,NVD-CWE-Other,

Products Affected

Vendor Product Version
samsung internet *
CVE-2021-25349 MEDIUM

Using unsafe PendingIntent in Slow Motion Editor prior to version 3.5.18.5 allows local attackers unauthorized action without permission via hijacking the PendingIntent.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-284,NVD-CWE-Other,

Products Affected

Vendor Product Version
samsung slow_motion_editor *
CVE-2021-25350 LOW

Information Exposure vulnerability in Samsung Account prior to version 12.1.1.3 allows physically proximate attackers to access user information via log.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.9 LOW CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N 0.3 3.6
mobile.security@samsung.com 2.0 LOW CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N 0.6 1.4

CVSS 2.0

Severity: LOW

Problem Type: CWE-200,CWE-532,

Products Affected

Vendor Product Version
samsung account *
CVE-2021-25351 LOW

Improper Access Control in EmailValidationView in Samsung Account prior to version 10.7.0.7 and 12.1.1.3 allows physically proximate attackers to log out user account on device without user password.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 3.2 LOW CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L 0.7 2.5
nvd@nist.gov 2.4 LOW CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 0.9 1.4

CVSS 2.0

Severity: LOW

Problem Type: CWE-285,NVD-CWE-Other,

Products Affected

Vendor Product Version
samsung account *
CVE-2021-25352 MEDIUM

Using PendingIntent with implicit intent in Bixby Voice prior to version 3.0.52.14 allows attackers to execute privileged action by hijacking and modifying the intent.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-285,CWE-668,

Products Affected

Vendor Product Version
samsung bixby_voice *
CVE-2021-25353 LOW

Using empty PendingIntent in Galaxy Themes prior to version 5.2.00.1215 allows local attackers to read/write private file directories of Galaxy Themes application without permission via hijacking the PendingIntent.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6
nvd@nist.gov 7.1 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N 1.8 5.2

CVSS 2.0

Severity: LOW

Problem Type: CWE-285,NVD-CWE-noinfo,

Products Affected

Vendor Product Version
samsung galaxy_themes *
CVE-2021-25354 MEDIUM

Improper input check in Samsung Internet prior to version 13.2.1.46 allows attackers to launch non-exported activity in Samsung Browser via malicious deeplink.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L 1.8 1.4
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L 1.8 3.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-285,NVD-CWE-Other,

Products Affected

Vendor Product Version
samsung internet *
CVE-2021-25355 MEDIUM

Using unsafe PendingIntent in Samsung Notes prior to version 4.2.00.22 allows local attackers unauthorized action without permission via hijacking the PendingIntent.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-285,CWE-276,

Products Affected

Vendor Product Version
samsung notes *
CVE-2021-25366 LOW

Improper access control in Samsung Internet prior to version 13.2.1.70 allows physically proximate attackers to bypass the secret mode's authentication.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 2.9 LOW CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N 0.3 2.5
mobile.security@samsung.com 3.2 LOW CVSS:3.1/AV:P/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:N 0.2 2.7

CVSS 2.0

Severity: LOW

Problem Type: CWE-703,NVD-CWE-Other,

Products Affected

Vendor Product Version
samsung internet *
CVE-2021-25367 MEDIUM

Path Traversal vulnerability in Samsung Notes prior to version 4.2.00.22 allows attackers to access local files without permission.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 3.7 LOW CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N 1.2 2.5
nvd@nist.gov 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N 2.8 2.5

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,CWE-22,

Products Affected

Vendor Product Version
samsung notes *
CVE-2021-25368 MEDIUM

Hijacking vulnerability in Samsung Cloud prior to version 4.7.0.3 allows attackers to intercept when the provider is executed.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N 1.8 1.4
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-287,CWE-287,

Products Affected

Vendor Product Version
samsung cloud *
CVE-2021-25373 MEDIUM

Using unsafe PendingIntent in Customization Service prior to version 2.2.02.1 in Android O(8.x), 2.4.03.0 in Android P(9.0), 2.7.02.1 in Android Q(10.0) and 2.9.01.1 in Android R(11.0) allows local attackers to perform unauthorized action without permission via hijacking the PendingIntent.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-285,NVD-CWE-noinfo,

Products Affected

Vendor Product Version
samsung customization_service *
CVE-2021-25374 MEDIUM

An improper authorization vulnerability in Samsung Members "samsungrewards" scheme for deeplink in versions 2.4.83.9 in Android O(8.1) and below, and 3.9.00.9 in Android P(9.0) and above allows remote attackers to access a user data related with Samsung Account.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6
mobile.security@samsung.com 8.6 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N 3.9 4.0

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-285,NVD-CWE-Other,

Products Affected

Vendor Product Version
samsung members *
CVE-2021-25375 MEDIUM

Using predictable index for attachments in Samsung Email prior to version 6.1.41.0 allows remote attackers to get attachments of another emails when users open the malicious attachment.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 2.8 3.6
mobile.security@samsung.com 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,CWE-330,

Products Affected

Vendor Product Version
samsung email *
CVE-2021-25376 MEDIUM

An improper synchronization logic in Samsung Email prior to version 6.1.41.0 can leak messages in certain mailbox in plain text when STARTTLS negotiation is failed.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4
mobile.security@samsung.com 3.1 LOW CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N 1.6 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,CWE-662,

Products Affected

Vendor Product Version
samsung email *
CVE-2021-25377 MEDIUM

Intent redirection in Samsung Experience Service versions 10.8.0.4 in Android P(9.0) below, and 12.2.0.5 in Android Q(10.0) above allows attacker to execute privileged action.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9
mobile.security@samsung.com 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N 1.8 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-287,CWE-269,

Products Affected

Vendor Product Version
samsung experience_service *
CVE-2021-25378 MEDIUM

Improper access control of certain port in SmartThings prior to version 1.7.63.6 allows remote temporary denial of service.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.3 MEDIUM CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 2.8 1.4
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 3.9 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,NVD-CWE-Other,

Products Affected

Vendor Product Version
samsung smartthings *
CVE-2021-25379 LOW

Intent redirection vulnerability in Gallery prior to version 5.4.16.1 allows attacker to execute privileged action.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4

CVSS 2.0

Severity: LOW

Problem Type: CWE-926,NVD-CWE-Other,

Products Affected

Vendor Product Version
samsung gallery *
CVE-2021-25380 HIGH

Improper handling of exceptional conditions in Bixby prior to version 3.0.53.02 allows attacker to execute the actions registered by the user.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.8 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:L 1.6 3.7
nvd@nist.gov 7.3 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 3.9 3.4

CVSS 2.0

Severity: HIGH

Problem Type: CWE-703,CWE-755,

Products Affected

Vendor Product Version
samsung bixby *
CVE-2021-25381 MEDIUM

Using unsafe PendingIntent in Samsung Account in versions 10.8.0.4 in Android P(9.0) and below, and 12.1.1.3 in Android Q(10.0) and above allows local attackers to perform unauthorized action without permission via hijacking the PendingIntent.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-285,CWE-276,

Products Affected

Vendor Product Version
samsung account 12.1.1.3
samsung account 10.8.0.4
CVE-2021-25398 LOW

Intent redirection vulnerability in Bixby Voice prior to version 3.1.12 allows attacker to access contacts.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4

CVSS 2.0

Severity: LOW

Problem Type: CWE-561,NVD-CWE-noinfo,

Products Affected

Vendor Product Version
samsung bixby_voice *
CVE-2021-25399 LOW

Improper configuration in Smart Manager prior to version 11.0.05.0 allows attacker to access the file with system privilege.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.1 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N 1.8 5.2

CVSS 2.0

Severity: LOW

Problem Type: CWE-285,NVD-CWE-noinfo,

Products Affected

Vendor Product Version
samsung smart_manager *
CVE-2021-25400 MEDIUM

Intent redirection vulnerability in Samsung Internet prior to version 14.0.1.20 allows attacker to execute privileged action.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-926,NVD-CWE-Other,

Products Affected

Vendor Product Version
samsung internet *
CVE-2021-25401 MEDIUM

Intent redirection vulnerability in Samsung Health prior to version 6.16 allows attacker to execute privileged action.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,NVD-CWE-Other,

Products Affected

Vendor Product Version
samsung health *
CVE-2021-25402 LOW

Information Exposure vulnerability in Samsung Notes prior to version 4.2.04.27 allows attacker to access s pen latency information.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4

CVSS 2.0

Severity: LOW

Problem Type: CWE-922,CWE-922,

Products Affected

Vendor Product Version
samsung notes *
CVE-2021-25403 LOW

Intent redirection vulnerability in Samsung Account prior to version 10.8.0.4 in Android P(9.0) and below, and 12.2.0.9 in Android Q(10.0) and above allows attacker to access contacts and file provider using SettingWebView component.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4

CVSS 2.0

Severity: LOW

Problem Type: CWE-200,NVD-CWE-Other,

Products Affected

Vendor Product Version
samsung account *
samsung account 12.2.0.9
CVE-2021-25404 LOW

Information Exposure vulnerability in SmartThings prior to version 1.7.64.21 allows attacker to access user information via log.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4

CVSS 2.0

Severity: LOW

Problem Type: CWE-922,CWE-922,

Products Affected

Vendor Product Version
samsung smartthings_firmware *
CVE-2021-25405 LOW

An improper access control vulnerability in ScreenOffActivity in Samsung Notes prior to version 4.2.04.27 allows untrusted applications to access local files.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

CVSS 2.0

Severity: LOW

Problem Type: CWE-284,NVD-CWE-Other,

Products Affected

Vendor Product Version
samsung notes *
CVE-2021-25406 LOW

Information exposure vulnerability in Gear S Plugin prior to version 2.2.05.20122441 allows unstrusted applications to access connected BT device information.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 2.8 3.6

CVSS 2.0

Severity: LOW

Problem Type: CWE-922,CWE-863,

Products Affected

Vendor Product Version
samsung gear_s *
CVE-2021-25418 MEDIUM

Improper component protection vulnerability in Samsung Internet prior to version 14.0.1.62 allows untrusted applications to execute arbitrary activity in specific condition.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-269,CWE-863,

Products Affected

Vendor Product Version
samsung internet *
CVE-2021-25419 MEDIUM

Non-compliance of recommended secure coding scheme in Samsung Internet prior to version 14.0.1.62 allows attackers to display fake URL in address bar via phising URL link.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-703,NVD-CWE-noinfo,

Products Affected

Vendor Product Version
samsung internet *
CVE-2021-25420 LOW

Improper log management vulnerability in Galaxy Watch PlugIn prior to version 2.2.05.21033151 allows attacker with log permissions to leak Wi-Fi password connected to the user smartphone within log.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

CVSS 2.0

Severity: LOW

Problem Type: CWE-779,CWE-532,

Products Affected

Vendor Product Version
samsung galaxy_watch_plugin *
CVE-2021-25421 LOW

Improper log management vulnerability in Galaxy Watch3 PlugIn prior to version 2.2.09.21033151 allows attacker with log permissions to leak Wi-Fi password connected to the user smartphone within log.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

CVSS 2.0

Severity: LOW

Problem Type: CWE-779,CWE-532,

Products Affected

Vendor Product Version
samsung galaxy_watch_3_plugin *
CVE-2021-25422 LOW

Improper log management vulnerability in Watch Active PlugIn prior to version 2.2.07.21033151 allows attacker with log permissions to leak Wi-Fi password connected to the user smartphone within log.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

CVSS 2.0

Severity: LOW

Problem Type: CWE-779,CWE-532,

Products Affected

Vendor Product Version
samsung watch_active_plugin *
CVE-2021-25423 LOW

Improper log management vulnerability in Watch Active2 PlugIn prior to 2.2.08.21033151 version allows attacker with log permissions to leak Wi-Fi password connected to the user smartphone via log.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

CVSS 2.0

Severity: LOW

Problem Type: CWE-779,CWE-532,

Products Affected

Vendor Product Version
samsung watch_active2_plugin *
CVE-2021-25424 MEDIUM

Improper authentication vulnerability in Tizen bluetooth-frwk prior to Firmware update JUN-2021 Release allows bluetooth attacker to take over the user's bluetooth device without user awareness.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-287,CWE-287,

Products Affected

Vendor Product Version
samsung gear_2_firmware *
samsung gear_2_neo_firmware *
samsung galaxy_watch_active_firmware *
samsung gear_s3_firmware *
samsung gear_s2_firmware *
samsung galaxy_watch_firmware *
samsung gear_s_firmware *
samsung galaxy_watch_active_2_firmware *
samsung galaxy_watch_3_firmware *
CVE-2021-25425 MEDIUM

Improper check vulnerability in Samsung Health prior to version 6.17 allows attacker to read internal cache data via exported component.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-703,CWE-754,

Products Affected

Vendor Product Version
samsung health *
CVE-2021-25431 LOW

Improper access control vulnerability in Cameralyzer prior to versions 3.2.1041 in 3.2.x, 3.3.1040 in 3.3.x, and 3.4.4210 in 3.4.x allows untrusted applications to access some functions of Cameralyzer.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N 1.8 3.6

CVSS 2.0

Severity: LOW

Problem Type: CWE-284,NVD-CWE-Other,

Products Affected

Vendor Product Version
samsung cameralyzer *
CVE-2021-25432 LOW

Information exposure vulnerability in Samsung Members prior to versions 2.4.85.11 in Android O(8.1) and below, and 3.9.10.11 in Android P(9.0) and above allows untrusted applications to access chat data.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4

CVSS 2.0

Severity: LOW

Problem Type: CWE-200,CWE-668,

Products Affected

Vendor Product Version
samsung samsung_members 3.9.10.11
samsung samsung_members *
CVE-2021-25438 MEDIUM

Improper access control vulnerability in Samsung Members prior to versions 2.4.85.11 in Android O(8.1) and below, and 3.9.10.11 in Android P(9.0) and above allows untrusted applications to cause local file inclusion in webview.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-284,NVD-CWE-Other,

Products Affected

Vendor Product Version
samsung members *
samsung members 3.9.10.11
CVE-2021-25439 LOW

Improper access control vulnerability in Samsung Members prior to versions 2.4.85.11 in Android O(8.1) and below, and 3.9.10.11 in Android P(9.0) and above allows untrusted applications to cause arbitrary webpage loading in webview.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4

CVSS 2.0

Severity: LOW

Problem Type: CWE-284,NVD-CWE-Other,

Products Affected

Vendor Product Version
samsung members *
samsung members 3.9.10.11
CVE-2021-25440 MEDIUM

Improper access control vulnerability in FactoryCameraFB prior to version 3.4.74 allows untrusted applications to access arbitrary files with an escalated privilege.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-284,NVD-CWE-Other,

Products Affected

Vendor Product Version
samsung factorycamerafb *
CVE-2021-25441 MEDIUM

Improper input validation vulnerability in AR Emoji Editor prior to version 4.4.03.5 in Android Q(10.0) and above allows untrusted applications to access arbitrary files with an escalated privilege.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,CWE-20,

Products Affected

Vendor Product Version
samsung ar_emoji_editor 4.4.03.5
CVE-2021-25442 MEDIUM

Improper MDM policy management vulnerability in KME module prior to KCS version 1.39 allows MDM users to bypass Knox Manage authentication.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-269,CWE-287,

Products Affected

Vendor Product Version
samsung knox_cloud_services *
CVE-2021-25445 MEDIUM

Unprotected component vulnerability in Samsung Internet prior to version 14.2 allows untrusted application to access internal files in Samsung Internet.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-287,CWE-287,

Products Affected

Vendor Product Version
samsung internet *
CVE-2021-25446 MEDIUM

Improper access control vulnerability in SmartThings prior to version 1.7.67.25 allows untrusted applications to cause arbitrary webpage loading in webview.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 3.9 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-284,NVD-CWE-Other,

Products Affected

Vendor Product Version
samsung smartthings_firmware *
CVE-2021-25447 MEDIUM

Improper access control vulnerability in SmartThings prior to version 1.7.67.25 allows untrusted applications to cause local file inclusion in webview.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 3.9 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-284,NVD-CWE-Other,

Products Affected

Vendor Product Version
samsung smartthings_firmware *
CVE-2021-25448 MEDIUM

Improper access control vulnerability in Smart Touch Call prior to version 1.0.0.5 allows arbitrary webpage loading in webview.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 3.9 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-284,NVD-CWE-Other,

Products Affected

Vendor Product Version
samsung smart_touch_call *
CVE-2021-25463 LOW

Improper access control vulnerability in PENUP prior to version 3.8.00.18 allows arbitrary webpage loading in webview.

CVSS 2.0

Severity: LOW

Problem Type: CWE-284,NVD-CWE-Other,

Products Affected

Vendor Product Version
samsung penup *
CVE-2021-25464 LOW

An improper file management vulnerability in SamsungCapture prior to version 4.8.02 allows sensitive information leak.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6
mobile.security@samsung.com 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4

CVSS 2.0

Severity: LOW

Problem Type: CWE-200,NVD-CWE-noinfo,

Products Affected

Vendor Product Version
samsung capture *
CVE-2021-25465 MEDIUM

An improper scheme check vulnerability in Samsung Themes prior to version 5.2.01 allows attackers to perform Man-in-the-middle attack.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N 1.8 1.4
nvd@nist.gov 7.0 HIGH CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H 1.0 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,CWE-20,

Products Affected

Vendor Product Version
samsung themes *
CVE-2021-25466 MEDIUM

Improper scheme check vulnerability in Samsung Internet prior to version 15.0.2.47 allows attackers to perform Man-in-the-middle attack and obtain Samsung Account token.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.9 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N 2.2 3.6
mobile.security@samsung.com 6.5 MEDIUM CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-287,CWE-287,

Products Affected

Vendor Product Version
samsung internet *
CVE-2021-25492 LOW

Lack of boundary checking of a buffer in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows OOB read.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.1 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H 1.8 5.2
mobile.security@samsung.com 7.3 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H 2.5 4.7

CVSS 2.0

Severity: LOW

Problem Type: CWE-787,CWE-125,

Products Affected

Vendor Product Version
samsung notes *
CVE-2021-25493 LOW

Lack of boundary checking of a buffer in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows OOB read

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4
nvd@nist.gov 7.1 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H 1.8 5.2

CVSS 2.0

Severity: LOW

Problem Type: CWE-125,CWE-119,

Products Affected

Vendor Product Version
samsung notes *
CVE-2021-25494 MEDIUM

A possible buffer overflow vulnerability in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows arbitrary code execution.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,CWE-120,

Products Affected

Vendor Product Version
samsung notes *
CVE-2021-25495 MEDIUM

A possible heap buffer overflow vulnerability in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows arbitrary code execution.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9
mobile.security@samsung.com 7.3 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H 2.5 4.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-122,CWE-787,

Products Affected

Vendor Product Version
samsung notes *
CVE-2021-25496 MEDIUM

A possible buffer overflow vulnerability in maetd_dec_slice of libSPenBase library of Samsung Notes prior to Samsung Notes version 4.3.02.61 allows arbitrary code execution.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9
mobile.security@samsung.com 7.3 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H 2.5 4.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-120,CWE-120,

Products Affected

Vendor Product Version
samsung notes *
CVE-2021-25497 MEDIUM

A possible buffer overflow vulnerability in maetd_cpy_slice of libSPenBase library of Samsung Notes prior to Samsung Notes version 4.3.02.61 allows arbitrary code execution.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9
mobile.security@samsung.com 7.3 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H 2.5 4.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-120,CWE-120,

Products Affected

Vendor Product Version
samsung notes *
CVE-2021-25498 MEDIUM

A possible buffer overflow vulnerability in maetd_eco_cb_mode of libSPenBase library of Samsung Notes prior to Samsung Notes version 4.3.02.61 allows arbitrary code execution.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9
mobile.security@samsung.com 7.3 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H 2.5 4.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-120,CWE-120,

Products Affected

Vendor Product Version
samsung notes *
CVE-2021-25499 LOW

Intent redirection vulnerability in SamsungAccountSDKSigninActivity of Galaxy Store prior to version 4.5.32.4 allows attacker to access content provider of Galaxy Store.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6
mobile.security@samsung.com 7.1 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N 1.8 5.2

CVSS 2.0

Severity: LOW

Problem Type: CWE-285,NVD-CWE-noinfo,

Products Affected

Vendor Product Version
samsung galaxy_store *
CVE-2021-25504 LOW

Intent redirection vulnerability in Group Sharing prior to 10.8.03.2 allows attacker to access contact information.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4
nvd@nist.gov 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4

CVSS 2.0

Severity: LOW

Problem Type: CWE-20,NVD-CWE-Other,

Products Affected

Vendor Product Version
samsung group_sharing *
CVE-2021-25505 MEDIUM

Improper authentication in Samsung Pass prior to 3.0.02.4 allows to use app without authentication when lockscreen is unlocked.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 1.8 5.9
mobile.security@samsung.com 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N 1.8 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-287,CWE-287,

Products Affected

Vendor Product Version
samsung samsung_pass *
CVE-2021-25506 LOW

Non-existent provider in Samsung Health prior to 6.19.1.0001 allows attacker to access it via malicious content provider or lead to denial of service.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 2.5 1.4
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 1.8 3.6

CVSS 2.0

Severity: LOW

Problem Type: CWE-287,CWE-863,

Products Affected

Vendor Product Version
samsung health *
CVE-2021-25507 LOW

Improper authorization vulnerability in Samsung Flow mobile application prior to 4.8.03.5 allows Samsung Flow PC application connected with user device to access part of notification data in Secure Folder without authorization.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.7 MEDIUM CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 2.1 3.6
nvd@nist.gov 5.7 MEDIUM CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 2.1 3.6

CVSS 2.0

Severity: LOW

Problem Type: CWE-285,NVD-CWE-Other,

Products Affected

Vendor Product Version
samsung samsung_flow *
CVE-2021-25508 HIGH

Improper privilege management vulnerability in API Key used in SmartThings prior to 1.7.73.22 allows an attacker to abuse the API key without limitation.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-269,CWE-269,

Products Affected

Vendor Product Version
samsung smartthings *
CVE-2021-25509 LOW

A missing input validation in Samsung Flow Windows application prior to Version 4.8.5.0 allows attackers to overwrite abtraty file in the Windows known folders.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.1 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H 1.8 5.2
mobile.security@samsung.com 5.9 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 2.5 3.4

CVSS 2.0

Severity: LOW

Problem Type: CWE-20,CWE-20,

Products Affected

Vendor Product Version
samsung samsung_flow *
CVE-2021-25520 MEDIUM

Insecure caller check and input validation vulnerabilities in SearchKeyword deeplink logic prior to Samsung Internet 16.0.2 allows unstrusted applications to execute script codes in Samsung Internet.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7
mobile.security@samsung.com 5.9 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 2.5 3.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,CWE-79,

Products Affected

Vendor Product Version
samsung internet *
CVE-2021-25521 LOW

Insecure caller check in sharevia deeplink logic prior to Samsung Internet 16.0.2 allows unstrusted applications to get current tab URL in Samsung Internet.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4

CVSS 2.0

Severity: LOW

Problem Type: CWE-285,CWE-552,

Products Affected

Vendor Product Version
samsung internet *
CVE-2021-25522 LOW

Insecure storage of sensitive information vulnerability in Smart Capture prior to version 4.8.02.10 allows attacker to access victim's captured images without permission.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4
mobile.security@samsung.com 5.3 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L 1.8 3.4

CVSS 2.0

Severity: LOW

Problem Type: CWE-922,

Products Affected

Vendor Product Version
samsung smart_capture *
CVE-2021-25523 LOW

Insecure storage of device information in Samsung Dialer prior to version 12.7.05.24 allows attacker to get Samsung Account ID.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4

CVSS 2.0

Severity: LOW

Problem Type: CWE-922,CWE-922,

Products Affected

Vendor Product Version
samsung dialer *
CVE-2021-25524 LOW

Insecure storage of device information in Contacts prior to version 12.7.05.24 allows attacker to get Samsung Account ID.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4

CVSS 2.0

Severity: LOW

Problem Type: CWE-922,CWE-922,

Products Affected

Vendor Product Version
samsung contacts *
CVE-2021-25525 LOW

Improper check or handling of exception conditions vulnerability in Samsung Pay (US only) prior to version 4.0.65 allows attacker to use NFC without user recognition.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 2.0 LOW CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:C/C:N/I:N/A:L 0.4 1.4
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 2.8 3.6

CVSS 2.0

Severity: LOW

Problem Type: CWE-703,CWE-754,

Products Affected

Vendor Product Version
samsung pay *
CVE-2021-25526 LOW

Intent redirection vulnerability in Samsung Blockchain Wallet prior to version 1.3.02.8 allows attacker to execute privileged action.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4

CVSS 2.0

Severity: LOW

Problem Type: CWE-926,NVD-CWE-Other,

Products Affected

Vendor Product Version
samsung blockchain_wallet *
CVE-2021-25527 LOW

Improper export of Android application components vulnerability in Samsung Pay (India only) prior to version 4.1.77 allows attacker to access Bill Pay and Recharge menu without authentication.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4
mobile.security@samsung.com 3.8 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N 2.0 1.4

CVSS 2.0

Severity: LOW

Problem Type: CWE-926,NVD-CWE-Other,

Products Affected

Vendor Product Version
samsung pay *
CVE-2021-3438 MEDIUM

A potential buffer overflow in the software drivers for certain HP LaserJet products and Samsung product printers could lead to an escalation of privilege.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-120,

Products Affected

Vendor Product Version
samsung multixpress_sl-x7400_ss053a -
samsung xpress_sl-m2876_ss356a -
samsung xpress_sl-m2070_ss297a -
samsung xpress_sl-m2670_ss331a -
samsung proxpress_sl-c4010_ss216g -
samsung sf-760_ss196a -
samsung proxpress_sl-m3820_ss373g -
hp laser_mfp_130_4zb84a -
samsung proxpress_sl-m3820_ss373n -
samsung proxpress_sl-c3060_ss213f -
samsung proxpress_sl-m3820_ss373z -
samsung scx-3405_sv943a -
hp laser_mfp_130_4zb90a -
samsung proxpress_sl-m4075_ss393a -
hp laser_mfp_130_4zb92a -
samsung multixpress_sl-x4250_ss048a -
hp laserjet_mfp_m437_7zb20a -
samsung xpress_sl-m2625_ss326a -
samsung xpress_sl-m2676_sw113a -
hp laserjet_mfp_m438_8af44a -
samsung sf-760_ss199a -
samsung proxpress_sl-m3820_ss372c -
samsung ml-5510_ss152a -
samsung proxpress_sl-c3060_ss211h -
samsung xpress_sl-m2620_ss322a -
samsung proxpress_sl-c4060_ss218a -
samsung xpress_sl-m2671_ss333a -
hp color_laser_mfp_170_6hu08a -
samsung xpress_sl-c480_ss255a -
samsung ml-6510_ss153a -
samsung scx-3406_sv947a -
samsung clx-6260_ss108a -
samsung multixpress_scx-8128_sw172a -
samsung ml-5017_ss148a -
samsung proxpress_sl-c4010_ss216h -
samsung proxpress_sl-m4024_ss385a -
samsung clp-365_sw139a -
samsung proxpress_sl-c3010_ss210e -
samsung xpress_sl-m2070_ss298a -
hp laserjet_mfp_m42523_7zb25a -
samsung multixpress_scx-8128_ss018a -
samsung proxpress_sl-c4010_ss216z -
samsung xpress_sl-m2675_ss335a -
samsung proxpress_sl-c4010_ss216t -
hp laserjet_mfp_m437_7zb19a -
samsung multixpress_sl-k4350_ss033a -
samsung ml-6510_sv901a -
samsung scx-5639_st676a -
samsung proxpress_sl-m3820_ss371c -
samsung clx-6260_sw177a -
samsung multixpress_clx-9301_sw179a -
samsung scx-4521_sv967a -
samsung proxpress_sl-c4010_ss216e -
hp laserjet_mfp_m436_w7u01a -
samsung clx-3305_ss094a -
samsung proxpress_sl-c3010_ss210h -
samsung ml-6510_sv899c -
samsung proxpress_sl-c4010_ss215a -
samsung proxpress_sl-m3375fd_ss369b -
samsung proxpress_sl-m4070_ss390c -
samsung proxpress_sl-m4560_ss400a -
samsung xpress_sl-m2835_ss346a -
samsung ml-5510_ss151a -
samsung sf-760_ss195a -
samsung xpress_sl-c430_ss230a -
hp laserjet_mfp_m440_8af47a -
hp laser_mfp_130_6hu12a -
samsung xpress_sl-m2625_ss327a -
samsung scx-5737_sw045a -
samsung multixpress_sl-x3280_ss044a -
samsung scx-5635_sw040a -
samsung proxpress_sl-c3060_ss213b -
samsung proxpress_sl-c4062_ss219a -
samsung proxpress_sl-m3825_ss376a -
hp laser_mfp_130_4zb87a -
samsung proxpress_sl-m3875_ss380a -
samsung scx-4021_ss165a -
samsung multixpress_sl-x7400_ss054a -
hp laser_mfp_130_6hu10a -
samsung xpress_sl-m2870_ss349a -
samsung scx-3406_sv946a -
samsung proxpress_sl-c3010_ss210m -
hp color_laser_150_4zb94a -
samsung xpress_sl-m2626_ss328a -
samsung clp-680_ss075a -
hp laser_mfp_432_7uq76a -
samsung clp-360_ss062a -
samsung xpress_sl-m2875_ss351a -
hp laserjet_mfp_m42625_8af51a -
samsung scx-3401_ss158a -
hp laser_mfp_130_4zb88a -
samsung clx-6260_ss106a -
samsung proxpress_sl-m4580_ss402a -
samsung proxpress_sl-c4010_ss216c -
hp laser_100_4zb79a -
samsung proxpress_sl-m3820_ss373j -
hp laserjet_mfp_m438_8af45a -
hp laser_100_4zb81a -
samsung proxpress_sl-c3060_ss211p -
samsung xpress_sl-m2620_ss323a -
samsung xpress_sl-m2626_ss329a -
samsung proxpress_sl-m4020_ss383x -
samsung xpress_sl-m2676_ss338a -
samsung multixpress_sl-m4370_sw117a -
samsung multixpress_sl-k4250_ss030a -
samsung xpress_sl-m2825_ss343a -
samsung proxpress_sl-m3820_ss373l -
samsung proxpress_sl-m4025_ss386a -
hp laserjet_mfp_m72625-m72630_2zn50a -
samsung proxpress_sl-m3820_ss371b -
samsung multixpress_sl-k7600_ss041a -
samsung proxpress_sl-m3820_ss373c -
samsung xpress_sl-m3015_ss360a -
samsung proxpress_sl-c3010_ss210b -
samsung proxpress_sl-c4010_ss216d -
samsung proxpress_sl-m4020_4pt7b -
samsung proxpress_sl-m4530_ss397e -
samsung proxpress_sl-m3820_ss373m -
samsung scx-3406_ss164a -
samsung scx-4521_sw129a -
samsung multixpress_scx-8240_sw185a -
samsung scx-4650_sb983a -
samsung proxpress_sl-m4530_ss397g -
samsung xpress_sl-c480_ss254a -
samsung proxpress_sl-c3060_ss211l -
samsung proxpress_sl-m3820_ss373p -
samsung proxpress_sl-c4010_ss216n -
samsung proxpress_sl-m3820_ss373k -
samsung scx-3401_sv393a -
samsung scx-5637_ss182a -
samsung scx-4521_sv530a -
hp color_laser_mfp_170_6hu09a -
samsung scx-4521_sv966a -
samsung proxpress_sl-m4020_ss383k -
hp color_laser_150_4zb95a -
samsung xpress_sl-m2826_ss344a -
samsung proxpress_sl-c3060_ss211g -
samsung clp-365_ss066a -
samsung xpress_sl-m2876_ss357a -
samsung proxpress_sl-m3820_ss373h -
samsung ml-5510_ss149a -
samsung multixpress_sl-k4250_ss031a -
samsung xpress_sl-c480_ss256a -
samsung scx-3405_ss160a -
samsung scx-5737_ss183a -
samsung scx-5637_sw043a -
samsung proxpress_sl-m3820_ss373t -
samsung scx-4521_sv968a -
samsung xpress_sl-m2821_ss341a -
samsung scx-4833_ss180a -
samsung proxpress_sl-m3320nd_ss365a -
samsung scx-5635_sw041a -
samsung proxpress_sl-c3010_ss210d -
samsung proxpress_sl-c4010_ss216a -
hp laserjet_mfp_m436_2ky38a -
samsung ml-4512_ss142a -
samsung multixpress_sl-x7600_ss059a -
samsung xpress_sl-m2070_ss295a -
samsung ml-5015_ss147a -
samsung proxpress_sl-c3010_ss210f -
samsung proxpress_sl-m3820_ss373b -
samsung xpress_sl-m2875_ss352a -
samsung xpress_sl-m2676_ss337a -
samsung scx-4650_ss171a -
samsung proxpress_sl-c3010_ss201c -
hp laserjet_mfp_m443_8af72a -
samsung proxpress_sl-c3060_ss211e -
samsung proxpress_sl-c4010_ss216q -
samsung scx-4655_ss174a -
samsung proxpress_sl-m4020_ss383c -
samsung multixpress_scx-8230_ss021a -
hp laser_mfp_130_4zb93a -
samsung proxpress_sl-c3060_ss211k -
samsung xpress_sl-m2820_ss339a -
samsung xpress_sl-m2070_ss296a -
hp laser_mfp_130_6hu11a -
samsung multixpress_scx-8128_ss019a -
samsung multixpress_sl-x7500_ss055a -
samsung proxpress_sl-m3825_ss375a -
samsung proxpress_sl-m3820_ss373v -
samsung xpress_sl-m2020_ss272a -
samsung ml-6510_sv900a -
samsung scx-3405_ss161a -
samsung multixpress_clx-9301_sw152a -
samsung proxpress_sl-m3375fd_ss369c -
samsung proxpress_sl-c4010_ss216p -
samsung clp-775_ss078a -
samsung scx-4521_sv969a -
hp laserjet_mfp_m440_8af48a -
samsung proxpress_sl-c3060_ss213h -
hp laserjet_mfp_m42523_7ab26a -
samsung scx-3406_sw127a -
samsung proxpress_sl-c3010_ss210j -
samsung proxpress_sl-c3060_ss213a -
samsung xpress_sl-m2070_ss293a -
samsung scx-4521_ss167a -
samsung scx-4833_sw019a -
samsung proxpress_sl-c3060_ss211n -
hp laserjet_mfp_m437_7zb21a -
samsung multixpress_sl-k2200_ss024a -
samsung proxpress_sl-m3870_ss378a -
samsung clx-3305_ss096a -
hp color_laser_mfp_170_4zb97a -
samsung proxpress_sl-c3060_ss211q -
samsung proxpress_sl-m3875_ss379a -
samsung multixpress_sl-k7600_ss042a -
samsung scx-3405_ss159a -
samsung xpress_sl-m2870_ss348a -
samsung scx-5635_sw093a -
samsung xpress_sl-m2621_ss325a -
hp laserjet_mfp_m438_8af43a -
samsung proxpress_sl-m3375fd_ss369d -
samsung scx-3405_ss163a -
samsung multixpress_clx-9301_ss007a -
samsung scx-3400_ss155a -
samsung xpress_sl-m2070_ss294a -
hp laserjet_mfp_m442_8af71a -
samsung proxpress_sl-m4025_ss387a -
samsung proxpress_sl-m3321_ss366a -
samsung sf-760_ss198a -
samsung proxpress_sl-m3870_ss377a -
samsung proxpress_sl-m3820_ss371a -
samsung scx-3405_ss162a -
samsung multixpress_clx-9251_ss005a -
samsung proxpress_sl-m3820_ss373q -
samsung proxpress_sl-m4020_4pt87a -
samsung proxpress_sl-c3010_ss210l -
samsung xpress_sl-m2880_ss358a -
hp laser_100_5ue14a -
samsung multixpress_sl-m5370_sw121a -
samsung ml-5510_ss150a -
samsung proxpress_sl-c4010_ss216k -
samsung proxpress_sl-c3010_ss210p -
hp color_laser_mfp_170_4zb96a -
hp laserjet_mfp_m42625_8af49a -
samsung proxpress_sl-m4070_ss389j -
samsung scx-5737_sw046a -
samsung xpress_sl-m2020_ss271a -
samsung proxpress_sl-c3010_ss209a -
samsung proxpress_sl-m3820_ss373e -
samsung proxpress_sl-m4075_ss394a -
hp laser_408_7uq75a -
samsung xpress_sl-m2871_ss350a -
samsung proxpress_sl-c3060_ss213d -
samsung proxpress_sl-c3060_ss213g -
samsung xpress_sl-m2875_ss354a -
samsung multixpress_sl-k7400_ss037a -
samsung proxpress_sl-c4010_ss216j -
samsung clp-368_sv601a -
samsung proxpress_sl-m4560_ss399a -
samsung scx-4650_ss172a -
hp laserjet_mfp_m439_7zb22a -
samsung proxpress_sl-c4010_ss216m -
hp laserjet_mfp_m439_7zb23a -
samsung proxpress_sl-c3060_s221b -
samsung multixpress_sl-k7500_ss040a -
samsung xpress_sl-m2675_sw112a -
hp laser_mfp_130_4zb85a -
samsung ml-5010_ss145a -
samsung proxpress_sl-m3375fd_ss369e -
samsung proxpress_sl-c3010_ss210g -
samsung proxpress_sl-m3875_ss381a -
samsung xpress_sl-m2620_ss324a -
samsung xpress_sl-m2675_ss334a -
samsung proxpress_sl-c4010_ss216f -
samsung proxpress_sl-c4010_ss216v -
samsung scx-3400_ss156a -
samsung clp-560_sv612a -
samsung multixpress_sl-x7600_ss058a -
hp laserjet_mfp_m42523_7zb72a -
hp laserjet_mfp_m440_8af46a -
samsung multixpress_sl-k4300_ss032a -
samsung clp-775_ss079a -
samsung proxpress_sl-c3060_ss213e -
samsung proxpress_sl-m4072_ss391a -
samsung clx-6260_ss107a -
hp laser_mfp_130_9vv52a -
samsung xpress_sl-m2875_ss353a -
samsung multixpress_scx-8240_ss022a -
samsung xpress_sl-m2670_ss330a -
samsung proxpress_sl-m3375fd_ss369a -
samsung xpress_sl-m2820_ss340a -
hp laser_mfp_130_4zb91a -
samsung multixpress_sl-k3300_ss028a -
samsung proxpress_sl-m4580_ss401a -
samsung clp-366_ss068a -
hp laserjet_mfp_m42625_8af50a -
samsung proxpress_sl-c3010_ss210k -
samsung proxpress_sl-m3820_ss373w -
samsung xpress_sl-m2876_ss355a -
samsung clx-6260_ss105a -
hp laserjet_mfp_m72625-m72630_2zn49a -
samsung proxpress_sl-m3825_ss374a -
samsung scx-4521_ss168a -
samsung proxpress_sl-m3820_ss375b -
samsung scx-4835_sw021a -
samsung xpress_sl-c480_ss257a -
hp laser_mfp_130_5ue15a -
samsung proxpress_sl-m4020_ss383y -
samsung proxpress_sl-m4030_ss388a -
samsung xpress_sl-m2885_ss359a -
samsung ml-4510_ss141a -
samsung clx-3305_ss093a -
hp laser_mfp_130_4zb82a -
samsung multixpress_sl-m5370_ss404a -
samsung clp-365_ss067a -
hp laser_100_209u7a -
samsung proxpress_sl-c3060_ss211m -
samsung sf-760_ss197a -
samsung scx-4833_ss181a -
samsung proxpress_sl-c4010_ss216s -
samsung multixpress_sl-m4370_ss396a -
samsung scx-3406_sv945a -
samsung scx-3400_sv938a -
samsung xpress_sl-m2825_ss342a -
hp laserjet_mfp_m436_w7u02a -
samsung ml-5012_ss146a -
hp laserjet_mfp_m42625_8af52a -
samsung scx-4835_sw020a -
samsung proxpress_sl-m3375fd_ss368f -
samsung clp-680_ss076a -
samsung ml-5510_sv898a -
samsung proxpress_sl-c4010_ss216l -
samsung ml-3750_ss138a -
samsung multixpress_sl-x7500_ss056a -
samsung proxpress_sl-c3060_ss211j -
samsung proxpress_sl-c3060_ss213c -
hp laser_100_4zb80a -
samsung scx-3405_sw314a -
samsung proxpress_sl-c4010_ss216b -
samsung multixpress_sl-x3220nr_ss043e -
samsung multixpress_sl-k3250_ss027e -
hp laser_mfp_130_4zb83a -
samsung proxpress_sl-m3820_ss371d -
samsung multixpress_sl-k2200_ss025a -
samsung proxpress_sl-m3325_ss367a -
samsung proxpress_sl-m3875_ss382a -
samsung proxpress_sl-c3010_ss210a -
samsung proxpress_sl-m3370_ss378a -
hp laser_mfp_130_4zb89a -
hp laserjet_mfp_m433_1vr14a -
samsung proxpress_sl-m3820_ss373u -
samsung proxpress_sl-c4010_ss216u -
samsung proxpress_sl-m3820_ss373d -
samsung clx-3300_ss088a -
samsung multixpress_sl-x4300_ss049a -
samsung multixpress_sl-k7500_ss039a -
samsung multixpress_scx-8240_st717a -
samsung proxpress_sl-m3820_ss373s -
samsung xpress_sl-m2675_ss336a -
samsung clx-3305_ss095a -
samsung multixpress_sl-k7400_ss038a -
hp laser_mfp_130_4zb86a -
samsung proxpress_sl-c3060_ss211f -
samsung scx-3406_sv298a -
samsung scx-4655_sv988a -
samsung proxpress_sl-m3820_ss373a -
samsung xpress_sl-m2671_ss332a -
samsung multixpress_scx-8128_ss020a -
samsung proxpress_sl-c4012_ss217a -
samsung xpress_sl-c1860_ss205a -
samsung scx-3405_sw313a -
samsung proxpress_sl-c3060_ss211c -
samsung proxpress_sl-m3820_ss373f -
samsung proxpress_sl-m4020_ss383l -
samsung proxpress_sl-c3060_ss211a -
samsung clp-560_sv611a -
hp laserjet_mfp_m439_7zb24a -
samsung clx-3300_sv677a -
samsung proxpress_sl-m4075_ss392a -
samsung proxpress_sl-m4080_ss395a -
samsung multixpress_clx-9251_sv719a -
samsung scx-4655_sv989a -
samsung scx-3401_ss157a -
samsung proxpress_sl-c3060_ss211d -
samsung multixpress_sl-m5360_ss403a -
samsung proxpress_sl-m4530_ss398d -
samsung xpress_sl-c430_ss229a -
samsung ml-5510_sv897a -
samsung multixpress_sl-x4220_ss047a -
samsung clp-366_sv600a -
samsung ml-6510_ss154a -
CVE-2021-35309

An issue discovered in Samsung SyncThru Web Service SPL 5.93 06-09-2014 allows attackers to gain escalated privileges via MITM attacks.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 1.6 5.9

Products Affected

Vendor Product Version
samsung syncthru_web_service 5.93
CVE-2021-39373 MEDIUM

Samsung Drive Manager 2.0.104 on Samsung H3 devices allows attackers to bypass intended access controls on disk management. WideCharToMultiByte, WideCharStr, and MultiByteStr can contribute to password exposure.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-522,

Products Affected

Vendor Product Version
samsung drive_manager 2.0.104
CVE-2021-42114 HIGH

Modern DRAM devices (PC-DDR4, LPDDR4X) are affected by a vulnerability in their internal Target Row Refresh (TRR) mitigation against Rowhammer attacks. Novel non-uniform Rowhammer access patterns, consisting of aggressors with different frequencies, phases, and amplitudes allow triggering bit flips on affected memory modules using our Blacksmith fuzzer. The patterns generated by Blacksmith were able to trigger bitflips on all 40 PC-DDR4 DRAM devices in our test pool, which cover the three major DRAM manufacturers: Samsung, SK Hynix, and Micron. This means that, even when chips advertised as Rowhammer-free are used, attackers may still be able to exploit Rowhammer. For example, this enables privilege-escalation attacks against the kernel or binaries such as the sudo binary, and also triggering bit flips in RSA-2048 keys (e.g., SSH keys) to gain cross-tenant virtual-machine access. We can confirm that DRAM devices acquired in July 2020 with DRAM chips from all three major DRAM vendors (Samsung, SK Hynix, Micron) are affected by this vulnerability. For more details, please refer to our publication.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
vulnerability@ncsc.ch 9.0 CRITICAL CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H 2.2 6.0
nvd@nist.gov 8.3 HIGH CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H 1.6 6.0

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,NVD-CWE-Other,

Products Affected

Vendor Product Version
samsung ddr4_sdram_firmware -
samsung lddr4_firmware -
skhynix ddr4_sdram_firmware -
skhynix lddr4_firmware -
micron lddr4_firmware -
micron ddr4_sdram_firmware -
CVE-2021-42913 MEDIUM

The SyncThru Web Service on Samsung SCX-6x55X printers allows an attacker to gain access to a list of SMB users and cleartext passwords by reading the HTML source code. Authentication is not required.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-522,

Products Affected

Vendor Product Version
samsung syncthru_web_service -
CVE-2022-1230

This vulnerability allows local attackers to execute arbitrary code on affected installations of Samsung Galaxy S21 prior to 4.5.40.5 phones. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of redirections. An attacker can force a redirection to a site that serves malicious content. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the current user. Was ZDI-CAN-15918.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.9 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N 1.3 2.5

Products Affected

Vendor Product Version
samsung galaxy_s21_firmware *
CVE-2022-22283 LOW

Improper session management vulnerability in Samsung Health prior to 6.20.1.005 prevents logging out from Samsung Health App.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4
mobile.security@samsung.com 2.8 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N 1.3 1.4

CVSS 2.0

Severity: LOW

Problem Type: CWE-287,CWE-613,

Products Affected

Vendor Product Version
samsung health *
CVE-2022-22284 LOW

Improper authentication vulnerability in Samsung Internet prior to 16.0.2.19 allows attackers to bypass secret mode password authentication

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6
mobile.security@samsung.com 5.7 MEDIUM CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N 1.4 4.2

CVSS 2.0

Severity: LOW

Problem Type: CWE-287,CWE-287,

Products Affected

Vendor Product Version
samsung internet *
CVE-2022-22285 LOW

A vulnerability using PendingIntent in Reminder prior to version 12.2.05.0 in Android R(11.0) and 12.3.02.1000 in Android S(12.0) allows attackers to execute privileged action by hijacking and modifying the intent.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.1 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N 1.8 5.2
mobile.security@samsung.com 4.4 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N 1.8 2.5

CVSS 2.0

Severity: LOW

Problem Type: CWE-94,CWE-94,

Products Affected

Vendor Product Version
samsung reminder *
CVE-2022-22286 LOW

A vulnerability using PendingIntent in Bixby Routines prior to version 3.1.21.8 in Android R(11.0) and 2.6.30.5 in Android Q(10.0) allows attackers to execute privileged action by hijacking and modifying the intent.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.1 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N 1.8 5.2
mobile.security@samsung.com 4.4 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N 1.8 2.5

CVSS 2.0

Severity: LOW

Problem Type: CWE-94,CWE-94,

Products Affected

Vendor Product Version
samsung bixby_routines *
CVE-2022-22287 LOW

Abitrary file access vulnerability in Samsung Email prior to 6.1.60.16 allows attacker to read isolated data in sandbox.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.6 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 0.9 3.6
mobile.security@samsung.com 3.9 LOW CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N 0.2 3.6

CVSS 2.0

Severity: LOW

Problem Type: CWE-20,CWE-200,

Products Affected

Vendor Product Version
samsung samsung_email *
CVE-2022-22288 MEDIUM

Improper authorization vulnerability in Galaxy Store prior to 4.5.36.5 allows remote app installation of the allowlist.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 3.9 3.6
mobile.security@samsung.com 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-285,NVD-CWE-Other,

Products Affected

Vendor Product Version
samsung galaxy_store *
CVE-2022-22289 MEDIUM

Improper access control vulnerability in S Assistant prior to version 7.5 allows attacker to remotely get senstive information.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-287,CWE-287,

Products Affected

Vendor Product Version
samsung s_assistant *
CVE-2022-22290 MEDIUM

Incorrect download source UI in Downloads in Samsung Internet prior to 16.0.6.23 allows attackers to perform domain spoofing via a crafted HTML page.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 2.8 3.6
mobile.security@samsung.com 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-703,CWE-755,

Products Affected

Vendor Product Version
samsung internet *
CVE-2022-23433 MEDIUM

Improper access control vulnerability in Reminder prior to versions 12.3.01.3000 in Android S(12), 12.2.05.6000 in Android R(11) and 11.6.08.6000 in Andoid Q(10) allows attackers to register reminders or execute exporeted activities remotely.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 3.9 1.4
mobile.security@samsung.com 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 2.8 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-284,NVD-CWE-Other,

Products Affected

Vendor Product Version
samsung reminder *
CVE-2022-23434 LOW

A vulnerability using PendingIntent in Bixby Vision prior to versions 3.7.60.8 in Android S(12), 3.7.50.6 in Andorid R(11) and below allows attackers to execute privileged action by hijacking and modifying the intent.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.4 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N 1.8 2.5
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N 1.8 1.4

CVSS 2.0

Severity: LOW

Problem Type: CWE-94,NVD-CWE-noinfo,

Products Affected

Vendor Product Version
samsung bixby *
CVE-2022-23994 MEDIUM

An Improper access control vulnerability in StBedtimeModeReceiver in Wear OS 3.0 prior to Firmware update Feb-2022 Release allows untrusted applications to change bedtime mode without a proper permission.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 1.8 1.4
mobile.security@samsung.com 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L 1.8 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-284,NVD-CWE-Other,

Products Affected

Vendor Product Version
samsung wear_os *
CVE-2022-23995 MEDIUM

Unprotected component vulnerability in StBedtimeModeAlarmReceiver in Wear OS 3.0 prior to Firmware update Feb-2022 Release allows untrusted applications to change bedtime mode without a proper permission.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 1.8 1.4
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 2.5 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-284,CWE-276,

Products Affected

Vendor Product Version
samsung wear_os *
CVE-2022-23996 MEDIUM

Unprotected component vulnerability in StTheaterModeReceiver in Wear OS 3.0 prior to Firmware update Feb-2022 Release allows untrusted applications to enable bedtime mode without a proper permission.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 2.5 1.4
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 1.8 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-284,CWE-276,

Products Affected

Vendor Product Version
samsung wear_os *
CVE-2022-23997 MEDIUM

Unprotected component vulnerability in StTheaterModeDurationAlarmReceiver in Wear OS 3.0 prior to Firmware update Feb-2022 Release allows untrusted applications to disable theater mode without a proper permission.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 1.8 1.4
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 2.5 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-284,NVD-CWE-Other,

Products Affected

Vendor Product Version
samsung wear_os *
CVE-2022-23998 MEDIUM

Improper access control vulnerability in Camera prior to versions 11.1.02.16 in Android R(11), 10.5.03.77 in Android Q(10) and 9.0.6.68 in Android P(9) allows untrusted applications to take a picture in screenlock status.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 1.8 3.6
mobile.security@samsung.com 6.2 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 2.5 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,CWE-863,

Products Affected

Vendor Product Version
samsung camera *
CVE-2022-24002 MEDIUM

Improper Authorization vulnerability in Link Sharing prior to version 12.4.00.3 allows attackers to open protected activity via PreconditionActivity.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-285,NVD-CWE-Other,

Products Affected

Vendor Product Version
samsung link_sharing *
CVE-2022-24003 MEDIUM

Exposure of Sensitive Information vulnerability in Bixby Vision prior to version 3.7.50.6 allows attackers to access internal data of Bixby Vision via unprotected intent.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,NVD-CWE-noinfo,

Products Affected

Vendor Product Version
samsung bixby_vision *
CVE-2022-24923 LOW

Improper access control vulnerability in Samsung SearchWidget prior to versions 2.3.00.6 in China models allows untrusted applications to load arbitrary URL and local files in webview.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4

CVSS 2.0

Severity: LOW

Problem Type: CWE-284,NVD-CWE-Other,

Products Affected

Vendor Product Version
samsung searchwidget *
CVE-2022-24924 MEDIUM

An improper access control in LiveWallpaperService prior to versions 3.0.9.0 allows to create a specific named system directory without a proper permission.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 2.2 LOW CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N 0.8 1.4
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 3.9 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-284,NVD-CWE-Other,

Products Affected

Vendor Product Version
samsung livewallpaperservice *
CVE-2022-24926 LOW

Improper input validation vulnerability in SmartTagPlugin prior to version 1.2.15-6 allows privileged attackers to trigger a XSS on a victim's devices.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.7 MEDIUM CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 2.1 3.6
nvd@nist.gov 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N 2.3 2.7

CVSS 2.0

Severity: LOW

Problem Type: CWE-20,CWE-79,

Products Affected

Vendor Product Version
samsung smarttagplugin *
CVE-2022-24927 HIGH

Improper privilege management vulnerability in Samsung Video Player prior to version 7.3.15.30 allows attackers to execute video files without permission.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
mobile.security@samsung.com 4.2 MEDIUM CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L 0.8 3.4

CVSS 2.0

Severity: HIGH

Problem Type: CWE-269,CWE-269,

Products Affected

Vendor Product Version
samsung video_player *
CVE-2022-24930 MEDIUM

An Improper access control vulnerability in StRetailModeReceiver in Wear OS 3.0 prior to Firmware update MAR-2022 Release allows untrusted applications to reset default app settings without a proper permission

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 1.8 1.4
mobile.security@samsung.com 4.4 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N 1.8 2.5

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-284,NVD-CWE-Other,

Products Affected

Vendor Product Version
samsung wear_os 3.0
CVE-2022-24932 LOW

Improper Protection of Alternate Path vulnerability in Setup wizard process prior to SMR Mar-2022 Release 1 allows physical attacker package installation before finishing Setup wizard.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.2 MEDIUM CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N 0.5 3.6
nvd@nist.gov 4.6 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 0.9 3.6

CVSS 2.0

Severity: LOW

Problem Type: CWE-424,NVD-CWE-Other,

Products Affected

Vendor Product Version
google android 11.0
samsung cloud *
google android 10.0
google android 12.0
CVE-2022-25154 MEDIUM

A DLL hijacking vulnerability in Samsung portable SSD T5 PC software before 1.6.9 could allow a local attacker to escalate privileges. (An attacker must already have user privileges on Windows 7, 10, or 11 to exploit this vulnerability.)

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.3 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H 1.3 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-427,

Products Affected

Vendor Product Version
samsung t5_firmware *
CVE-2022-25823 LOW

Information Exposure vulnerability in Galaxy Watch Plugin prior to version 2.2.05.220126741 allows attackers to access user information in log.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4
mobile.security@samsung.com 1.9 LOW CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N 0.5 1.4

CVSS 2.0

Severity: LOW

Problem Type: CWE-200,CWE-532,

Products Affected

Vendor Product Version
samsung galaxy_watch_plugin *
CVE-2022-25824 LOW

Improper access control vulnerability in BixbyTouch prior to version 2.2.00.6 in China models allows untrusted applications to load arbitrary URL and local files in webview.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4

CVSS 2.0

Severity: LOW

Problem Type: CWE-284,NVD-CWE-Other,

Products Affected

Vendor Product Version
samsung bixby_touch *
CVE-2022-25826 LOW

Information Exposure vulnerability in Galaxy S3 Plugin prior to version 2.2.03.22012751 allows attacker to access password information of connected WiFiAp in the log

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 1.9 LOW CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N 0.5 1.4
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4

CVSS 2.0

Severity: LOW

Problem Type: CWE-200,CWE-532,

Products Affected

Vendor Product Version
samsung galaxy_watch_3_plugin *
CVE-2022-25827 LOW

Information Exposure vulnerability in Galaxy Watch Plugin prior to version 2.2.05.22012751 allows attacker to access password information of connected WiFiAp in the log

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4
mobile.security@samsung.com 1.9 LOW CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N 0.5 1.4

CVSS 2.0

Severity: LOW

Problem Type: CWE-200,CWE-532,

Products Affected

Vendor Product Version
samsung galaxy_watch_plugin *
CVE-2022-25828 LOW

Information Exposure vulnerability in Watch Active Plugin prior to version 2.2.07.22012751 allows attacker to access password information of connected WiFiAp in the log

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4
mobile.security@samsung.com 1.9 LOW CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N 0.5 1.4

CVSS 2.0

Severity: LOW

Problem Type: CWE-200,CWE-532,

Products Affected

Vendor Product Version
samsung watch_active_plugin *
CVE-2022-25829 LOW

Information Exposure vulnerability in Watch Active2 Plugin prior to version 2.2.08.22012751 allows attacker to access password information of connected WiFiAp in the log

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 1.9 LOW CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N 0.5 1.4
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4

CVSS 2.0

Severity: LOW

Problem Type: CWE-200,CWE-532,

Products Affected

Vendor Product Version
samsung watch_active2_plugin *
CVE-2022-25830 LOW

Information Exposure vulnerability in Galaxy Watch3 Plugin prior to version 2.2.09.22012751 allows attacker to access password information of connected WiFiAp in the log

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 1.9 LOW CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N 0.5 1.4
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4

CVSS 2.0

Severity: LOW

Problem Type: CWE-200,CWE-532,

Products Affected

Vendor Product Version
samsung galaxy_watch_3_plugin *
CVE-2022-27837 HIGH

A vulnerability using PendingIntent in Accessibility prior to version 12.5.3.2 in Android R(11.0) and 13.0.1.1 in Android S(12.0) allows attacker to access the file with system privilege.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 1.8 5.9
mobile.security@samsung.com 4.4 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N 1.8 2.5

CVSS 2.0

Severity: HIGH

Problem Type: CWE-94,CWE-552,

Products Affected

Vendor Product Version
samsung accessibility *
CVE-2022-27838 HIGH

Improper access control vulnerability in FactoryCamera prior to version 2.1.96 allows attacker to access the file with system privilege.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 7.7 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N 2.5 5.2
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-284,NVD-CWE-Other,

Products Affected

Vendor Product Version
samsung factorycamera *
CVE-2022-27839 MEDIUM

Improper authentication vulnerability in SecretMode in Samsung Internet prior to version 16.2.1 allows attackers to access bookmark tab without proper credentials.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N 1.8 1.4
nvd@nist.gov 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-287,CWE-287,

Products Affected

Vendor Product Version
samsung internet *
CVE-2022-27840 LOW

Improper access control vulnerability in SamsungRecovery prior to version 8.1.43.0 allows local attckers to delete arbitrary files as SamsungRecovery permission.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.4 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L 1.8 2.5
nvd@nist.gov 4.4 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L 1.8 2.5

CVSS 2.0

Severity: LOW

Problem Type: CWE-269,CWE-276,

Products Affected

Vendor Product Version
samsung recovery *
CVE-2022-27841 LOW

Improper exception handling in Samsung Pass prior to version 3.7.07.5 allows physical attacker to view the screen that is previously running without authentication

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.3 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 0.7 3.6
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 0.7 3.6

CVSS 2.0

Severity: LOW

Problem Type: CWE-703,CWE-755,

Products Affected

Vendor Product Version
samsung samsung_pass *
CVE-2022-27842 MEDIUM

DLL hijacking vulnerability in Smart Switch PC prior to version 4.2.22022_4 allows attacker to execute abitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.2 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 2.5 3.6
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,CWE-427,

Products Affected

Vendor Product Version
samsung smart_switch_pc *
CVE-2022-27843 MEDIUM

DLL hijacking vulnerability in Kies prior to version 2.6.4.22014_2 allows attacker to execute abitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 1.8 5.9
mobile.security@samsung.com 6.2 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 2.5 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,CWE-427,

Products Affected

Vendor Product Version
samsung kies *
CVE-2022-28541 MEDIUM

Uncontrolled search path element vulnerability in Samsung Update prior to version 3.0.77.0 allows attackers to execute arbitrary code as Samsung Update permission.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9
mobile.security@samsung.com 5.9 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 2.5 3.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,CWE-427,

Products Affected

Vendor Product Version
samsung update *
CVE-2022-28542 LOW

Improper sanitization of incoming intent in Galaxy Store prior to version 4.5.40.5 allows local attackers to access privileged content providers as Galaxy Store permission.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6
mobile.security@samsung.com 6.8 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N 2.5 4.2

CVSS 2.0

Severity: LOW

Problem Type: CWE-284,CWE-863,

Products Affected

Vendor Product Version
samsung galaxy_store *
CVE-2022-28543 LOW

Path traversal vulnerability in Samsung Flow prior to version 4.8.07.4 allows local attackers to read arbitrary files as Samsung Flow permission.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

CVSS 2.0

Severity: LOW

Problem Type: CWE-22,CWE-22,

Products Affected

Vendor Product Version
samsung samsung_flow *
CVE-2022-28544 MEDIUM

Path traversal vulnerability in unzip method of InstallAgentCommonHelper in Galaxy store prior to version 4.5.40.5 allows attacker to access the file of Galaxy store.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.2 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 2.5 3.6
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N 1.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,CWE-22,

Products Affected

Vendor Product Version
samsung galaxy_store *
CVE-2022-28775 LOW

Improper access control vulnerability in Samsung Flow prior to version 4.8.06.5 allows attacker to write the file without Samsung Flow permission.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.1 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L 2.5 2.5
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N 1.8 1.4

CVSS 2.0

Severity: LOW

Problem Type: CWE-284,NVD-CWE-Other,

Products Affected

Vendor Product Version
samsung samsung_flow *
CVE-2022-28776 MEDIUM

Improper access control vulnerability in Galaxy Store prior to version 4.5.36.4 allows attacker to install applications from Galaxy Store without user interactions.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9
mobile.security@samsung.com 5.9 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 2.5 3.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-285,NVD-CWE-Other,

Products Affected

Vendor Product Version
samsung galaxy_store *
CVE-2022-28777 LOW

Improper access control vulnerability in Samsung Members prior to version 13.6.08.5 allows local attacker to execute call function without CALL_PHONE permission.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N 1.8 1.4
mobile.security@samsung.com 4.3 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L 2.5 1.4

CVSS 2.0

Severity: LOW

Problem Type: CWE-284,NVD-CWE-Other,

Products Affected

Vendor Product Version
samsung members *
CVE-2022-28778 LOW

Improper access control vulnerability in Samsung Security Supporter prior to version 1.2.40.0 allows attacker to set the arbitrary folder as Secret Folder without Samsung Security Supporter permission

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N 1.8 1.4
mobile.security@samsung.com 4.4 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N 1.8 2.5

CVSS 2.0

Severity: LOW

Problem Type: CWE-284,NVD-CWE-Other,

Products Affected

Vendor Product Version
samsung samsung_security_supporter *
CVE-2022-28779 MEDIUM

Uncontrolled search path element vulnerability in Samsung Android USB Driver windows installer program prior to version 1.7.50 allows attacker to execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.3 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:H 0.6 4.7
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-427,CWE-427,

Products Affected

Vendor Product Version
samsung android_usb_driver_windows_installer *
CVE-2022-28789 LOW

Unprotected activities in Voice Note prior to version 21.3.51.11 allows attackers to record voice without user interaction. The patch adds proper permission for vulnerable activities.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.2 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 2.5 3.6
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

CVSS 2.0

Severity: LOW

Problem Type: CWE-862,CWE-862,

Products Affected

Vendor Product Version
samsung voice_note *
CVE-2022-28790 LOW

Improper authentication in Link to Windows Service prior to version 2.3.04.1 allows attacker to lock the device. The patch adds proper caller signature check logic.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L 1.8 1.4
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 2.5 1.4

CVSS 2.0

Severity: LOW

Problem Type: CWE-287,CWE-287,

Products Affected

Vendor Product Version
samsung link_to_windows_service *
CVE-2022-28791 LOW

Improper input validation vulnerability in InstallAgent in Galaxy Store prior to version 4.5.41.8 allows attacker to overwrite files stored in a specific path. The patch adds proper protection to prevent overwrite to existing files.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.2 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 2.5 3.6
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N 1.8 3.6

CVSS 2.0

Severity: LOW

Problem Type: CWE-20,CWE-20,

Products Affected

Vendor Product Version
samsung galaxy_store *
CVE-2022-28792 MEDIUM

DLL hijacking vulnerability in Gear IconX PC Manager prior to version 2.1.220405.51 allows attacker to execute arbitrary code. The patch adds proper absolute path to prevent dll hijacking.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 1.8 5.9
mobile.security@samsung.com 6.2 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 2.5 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-427,CWE-427,

Products Affected

Vendor Product Version
samsung gear_iconx_pc_manager *
CVE-2022-28793 LOW

Given the TEE is compromised and controlled by the attacker, improper state maintenance in StrongBox allows attackers to change Android ROT during device boot cycle after compromising TEE. The patch is applied in Galaxy S22 to prevent change of Android ROT after first initialization at boot time.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.4 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N 0.8 3.6
mobile.security@samsung.com 4.4 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N 0.8 3.6

CVSS 2.0

Severity: LOW

Problem Type: CWE-754,CWE-754,

Products Affected

Vendor Product Version
samsung galaxy_s22_firmware -
CVE-2022-30730 LOW

Improper authorization in Samsung Pass prior to 1.0.00.33 allows physical attackers to acess account list without authentication.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.6 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 0.9 3.6
nvd@nist.gov 4.6 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 0.9 3.6

CVSS 2.0

Severity: LOW

Problem Type: CWE-285,NVD-CWE-Other,

Products Affected

Vendor Product Version
samsung samsung_pass *
CVE-2022-30731 LOW

Improper access control vulnerability in My Files prior to version 13.1.00.193 allows attackers to access arbitrary private files in My Files application.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.1 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 2.5 2.5
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

CVSS 2.0

Severity: LOW

Problem Type: CWE-862,NVD-CWE-Other,

Products Affected

Vendor Product Version
samsung my_files *
CVE-2022-30732 MEDIUM

Exposure of Sensitive Information vulnerability in Samsung Account prior to version 13.2.00.6 allows attacker to access sensitive information via onActivityResult.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 1.8 3.6
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,CWE-668,

Products Affected

Vendor Product Version
samsung account *
CVE-2022-30733 MEDIUM

Sensitive information exposure in Sign-in log in Samsung Account prior to version 13.2.00.6 allows attackers to get an user email or phone number without permission.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,CWE-532,

Products Affected

Vendor Product Version
samsung account *
CVE-2022-30734 MEDIUM

Sensitive information exposure in Sign-out log in Samsung Account prior to version 13.2.00.6 allows attackers to get an user email or phone number without permission.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,CWE-668,

Products Affected

Vendor Product Version
samsung account *
CVE-2022-30735 MEDIUM

Improper privilege management vulnerability in Samsung Account prior to 13.2.00.6 allows attackers to get the access_token without permission.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.9 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 2.5 3.4
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,CWE-269,

Products Affected

Vendor Product Version
samsung account *
CVE-2022-30736 MEDIUM

Improper privilege management vulnerability in Samsung Account prior to 13.2.00.6 allows attackers to get the data of contact and gallery without permission.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.3 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L 1.8 3.4
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,CWE-269,

Products Affected

Vendor Product Version
samsung account *
CVE-2022-30737 MEDIUM

Implicit Intent hijacking vulnerability in Samsung Account prior to version 13.2.00.6 allows attackers to get email ID.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,NVD-CWE-noinfo,

Products Affected

Vendor Product Version
samsung account *
CVE-2022-30738 MEDIUM

Improper check in Loader in Samsung Internet prior to 17.0.1.69 allows attackers to spoof address bar via executing script.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N 2.8 1.4
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 2.8 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-703,CWE-754,

Products Affected

Vendor Product Version
samsung internet *
CVE-2022-30739 MEDIUM

Improper privilege management vulnerability in Samsung Account prior to 13.2.00.6 allows attackers to get an user email or phone number with a normal level permission.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 2.8 1.4
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-269,CWE-269,

Products Affected

Vendor Product Version
samsung account *
CVE-2022-30740 LOW

Improper auto-fill algorithm in Samsung Internet prior to version 17.0.1.69 allows physical attackers to guess stored credit card numbers.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.1 MEDIUM CVSS:3.1/AV:P/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N 0.5 3.6
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 0.7 3.6

CVSS 2.0

Severity: LOW

Problem Type: CWE-200,CWE-922,

Products Affected

Vendor Product Version
samsung internet *
CVE-2022-30741 LOW

Sensitive information exposure vulnerability in SimChangeAlertManger of Find My Mobile prior to 7.2.24.12 allows local attackers with log access permission to get sim card information through device log.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4
mobile.security@samsung.com 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4

CVSS 2.0

Severity: LOW

Problem Type: CWE-200,CWE-532,

Products Affected

Vendor Product Version
samsung find_my_mobile *
CVE-2022-30742 LOW

Sensitive information exposure vulnerability in FmmExtraOperation of Find My Mobile prior to 7.2.24.12 allows local attackers with log access permissio to get sim card information through device log.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4

CVSS 2.0

Severity: LOW

Problem Type: CWE-200,CWE-532,

Products Affected

Vendor Product Version
samsung find_my_mobile *
CVE-2022-30743 MEDIUM

Improper privilege management vulnerability in Samsung Account prior to 13.2.00.6 allows attackers to get the data of contact and gallery without permission.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4
mobile.security@samsung.com 5.3 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L 1.8 3.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,CWE-269,

Products Affected

Vendor Product Version
samsung account *
CVE-2022-30744 MEDIUM

DLL hijacking vulnerability in KiesWrapper in Samsung Kies prior to version 2.6.4.22043_1 allows attacker to execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 1.8 5.9
mobile.security@samsung.com 6.2 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 2.5 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,CWE-427,

Products Affected

Vendor Product Version
samsung kies *
CVE-2022-30745 LOW

Improper access control vulnerability in Quick Share prior to version 13.1.2.4 allows attacker to access internal files in Quick Share.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4

CVSS 2.0

Severity: LOW

Problem Type: CWE-284,NVD-CWE-Other,

Products Affected

Vendor Product Version
samsung quick_share *
CVE-2022-30746 MEDIUM

Missing caller check in Smart Things prior to version 1.7.85.12 allows attacker to access senstive information remotely using javascript interface API.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6
mobile.security@samsung.com 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-285,CWE-862,

Products Affected

Vendor Product Version
samsung smartthings *
CVE-2022-30747 LOW

PendingIntent hijacking vulnerability in Smart Things prior to 1.7.85.25 allows local attackers to access files without permission via implicit Intent.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

CVSS 2.0

Severity: LOW

Problem Type: CWE-276,CWE-276,

Products Affected

Vendor Product Version
samsung smartthings *
CVE-2022-30748 LOW

Unprotected dynamic receiver in Samsung Members prior to version 4.2.005 allows attacker to launch arbitrary activity.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

CVSS 2.0

Severity: LOW

Problem Type: CWE-561,NVD-CWE-Other,

Products Affected

Vendor Product Version
samsung members *
CVE-2022-30749 MEDIUM

Improper access control vulnerability in Smart Things prior to 1.7.85.25 allows local attackers to add arbitrary smart devices by bypassing login activity.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 1.8 1.4
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-287,CWE-287,

Products Affected

Vendor Product Version
samsung smartthings *
CVE-2022-33705 LOW

Information exposure in Calendar prior to version 12.3.05.10000 allows attacker to access calendar schedule without READ_CALENDAR permission.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4

CVSS 2.0

Severity: LOW

Problem Type: CWE-285,NVD-CWE-Other,

Products Affected

Vendor Product Version
samsung calendar *
CVE-2022-33706 LOW

Improper access control vulnerability in Samsung Gallery prior to version 13.1.05.8 allows physical attackers to access the pictures using S Pen air gesture.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 2.4 LOW CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 0.9 1.4

CVSS 2.0

Severity: LOW

Problem Type: CWE-284,NVD-CWE-Other,

Products Affected

Vendor Product Version
samsung samsung_gallery *
CVE-2022-33707 MEDIUM

Improper identifier creation logic in Find My Mobile prior to version 7.2.24.12 allows attacker to identify the device.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-334,CWE-330,

Products Affected

Vendor Product Version
samsung find_my_mobile *
CVE-2022-33708 HIGH

Improper input validation vulnerability in AppsPackageInstaller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch activities as Galaxy Store privilege.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,CWE-269,

Products Affected

Vendor Product Version
samsung galaxy_store *
CVE-2022-33709 HIGH

Improper input validation vulnerability in ApexPackageInstaller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch activities as Galaxy Store privilege.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,CWE-269,

Products Affected

Vendor Product Version
samsung galaxy_store *
CVE-2022-33710 HIGH

Improper input validation vulnerability in BillingPackageInsraller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch activities as Galaxy Store privilege.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,CWE-269,

Products Affected

Vendor Product Version
samsung galaxy_store *
CVE-2022-33711 LOW

Improper validation of integrity check vulnerability in Samsung USB Driver Windows Installer for Mobile Phones prior to version 1.7.56.0 allows local attackers to delete arbitrary directory using directory junction.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N 1.8 3.6

CVSS 2.0

Severity: LOW

Problem Type: CWE-354,CWE-354,

Products Affected

Vendor Product Version
samsung android_usb_driver *
CVE-2022-33712 MEDIUM

Intent redirection vulnerability using implict intent in Camera prior to versions 12.0.01.64 ,12.0.3.23, 12.0.0.98, 12.0.6.11, 12.0.3.19 in Android S(12) allows attacker to get sensitive information.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-285,CWE-601,

Products Affected

Vendor Product Version
samsung camera *
CVE-2022-33713 MEDIUM

Implicit Intent hijacking vulnerability in Samsung Cloud prior to version 5.2.0 allows attacker to get sensitive information.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-285,NVD-CWE-Other,

Products Affected

Vendor Product Version
samsung cloud *
CVE-2022-33733

Sensitive information exposure in onCharacteristicRead in Charm by Samsung prior to version 1.2.3 allows attacker to get bluetooth connection information without permission.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4
mobile.security@samsung.com 6.2 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 2.5 3.6

Products Affected

Vendor Product Version
samsung charm *
CVE-2022-33734

Sensitive information exposure in onCharacteristicChanged in Charm by Samsung prior to version 1.2.3 allows attacker to get bluetooth connection information without permission.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.2 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 2.5 3.6
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung charm *
CVE-2022-35858

The TEE_PopulateTransientObject and __utee_from_attr functions in Samsung mTower 0.3.0 allow a trusted application to trigger a memory overwrite, denial of service, and information disclosure by invoking the function TEE_PopulateTransientObject with a large number in the parameter attrCount.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
samsung mtower 0.3.0
CVE-2022-36621

Samsung Electronics mTower v0.3.0 and earlier was discovered to contain a NULL pointer dereference via the function TEE_AllocateTransientObject.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
samsung mtower *
CVE-2022-36622

Samsung Electronics mTower v0.3.0 and earlier was discovered to contain a NULL pointer dereference via the function TEE_GetObjectInfo1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
samsung mtower *
CVE-2022-36829

PendingIntent hijacking vulnerability in releaseAlarm in Charm by Samsung prior to version 1.2.3 allows local attackers to access files without permission via implicit intent.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.2 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 2.5 3.6
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung charm_firmware *
CVE-2022-36830

PendingIntent hijacking vulnerability in cancelAlarmManager in Charm by Samsung prior to version 1.2.3 allows local attackers to access files without permission via implicit intent.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6
mobile.security@samsung.com 6.2 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 2.5 3.6

Products Affected

Vendor Product Version
samsung charm_firmware *
CVE-2022-36831

Path traversal vulnerability in UriFileUtils of Samsung Notes prior to version 4.3.14.39 allows attacker to access some file as Samsung Notes permission.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6
mobile.security@samsung.com 6.2 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 2.5 3.6

Products Affected

Vendor Product Version
samsung notes *
CVE-2022-36832

Improper access control vulnerability in WebApp in Cameralyzer prior to versions 3.2.22, 3.3.22, 3.4.22 and 3.5.51 allows attackers to access external storage as Cameralyzer privilege.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4

Products Affected

Vendor Product Version
samsung cameralyzer *
CVE-2022-36833

Improper Privilege Management vulnerability in Game Optimizing Service prior to versions 3.3.04.0 in Android 10, and 3.5.04.8 in Android 11 and above allows local attacker to execute hidden function for developer by changing package name.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9
mobile.security@samsung.com 7.3 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L 2.5 4.7

Products Affected

Vendor Product Version
samsung gameoptimizingservice *
CVE-2022-36834

Exposure of Sensitive Information vulnerability in Game Launcher prior to version 6.0.07 allows local attacker to access app data with user interaction.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N 1.3 3.6
mobile.security@samsung.com 3.3 LOW CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N 0.8 2.5

Products Affected

Vendor Product Version
samsung game_launcher *
CVE-2022-36835

Implicit Intent hijacking vulnerability in Samsung Internet Browser prior to version 17.0.7.34 allows attackers to access arbitrary files.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4
mobile.security@samsung.com 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N 1.8 1.4

Products Affected

Vendor Product Version
samsung samsung_internet_browser *
CVE-2022-36836

Unprotected provider vulnerability in Charm by Samsung prior to version 1.2.3 allows attackers to read connection state without permission.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6
mobile.security@samsung.com 6.2 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 2.5 3.6

Products Affected

Vendor Product Version
samsung charm_firmware *
CVE-2022-36837

Intent redirection vulnerability using implicit intent in Samsung email prior to version 6.1.70.20 allows attacker to get sensitive information.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6
mobile.security@samsung.com 6.2 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 2.5 3.6

Products Affected

Vendor Product Version
samsung samsung_email *
CVE-2022-36838

Implicit Intent hijacking vulnerability in Galaxy Wearable prior to version 2.2.50 allows attacker to get sensitive information.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.6 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 0.9 3.6
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4

Products Affected

Vendor Product Version
samsung galaxy_wearable *
CVE-2022-36839

SQL injection vulnerability via IAPService in Samsung Checkout prior to version 5.0.53.1 allows attackers to access IAP information.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.9 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 2.5 3.4
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung checkout *
CVE-2022-36840

DLL hijacking vulnerability in Samsung Update Setup prior to version 2.2.9.50 allows attackers to execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 1.8 5.9
mobile.security@samsung.com 4.5 MEDIUM CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L 1.0 3.4

Products Affected

Vendor Product Version
samsung update *
CVE-2022-36851

Improper access control vulnerability in Samsung pass prior to version 4.0.03.1 allow physical attackers to access data of Samsung pass on a certain state of an unlocked device.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 3.9 LOW CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N 0.3 3.6
nvd@nist.gov 4.6 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 0.9 3.6

Products Affected

Vendor Product Version
samsung samsung_pass *
CVE-2022-36857

Improper Authorization vulnerability in Photo Editor prior to SMR Sep-2022 Release 1 allows physical attackers to read internal application data.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 1.9 LOW CVSS:3.1/AV:P/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N 0.5 1.4
nvd@nist.gov 2.4 LOW CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 0.9 1.4

Products Affected

Vendor Product Version
google android 11.0
samsung photo_editor *
CVE-2022-36859

Improper input validation vulnerability in SmartTagPlugin prior to version 1.2.21-6 allows privileged attackers to trigger a XSS on a victim's devices.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.8 MEDIUM CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N 1.7 2.7
mobile.security@samsung.com 5.7 MEDIUM CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 2.1 3.6

Products Affected

Vendor Product Version
samsung smarttagplugin *
CVE-2022-36864

Improper access control and intent redirection in Samsung Email prior to 6.1.70.20 allows attacker to access specific formatted file and execute privileged behavior.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
samsung samsung_email *
CVE-2022-36865

Improper access control in Group Sharing prior to versions 13.0.6.15 in Android S(12), 13.0.6.14 in Android R(11) and below allows attackers to access device information.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4

Products Affected

Vendor Product Version
samsung group_sharing *
CVE-2022-36866

Improper access control vulnerability in Broadcaster in Group Sharing prior to versions 13.0.6.15 in Android S(12), 13.0.6.14 in Android R(11) and below allows attackers to identify the device.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4

Products Affected

Vendor Product Version
samsung group_sharing *
CVE-2022-36867

Improper access control vulnerability in Editor Lite prior to version 4.0.40.14 allows attackers to access sensitive information.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6
mobile.security@samsung.com 5.9 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 2.5 3.4

Products Affected

Vendor Product Version
samsung editor_lite *
CVE-2022-36869

Improper access control vulnerability in ContactsDumpActivity of?Contacts Provider prior to version 12.7.59 allows attacker to access the file without permission.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N 1.8 4.2
mobile.security@samsung.com 6.6 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L 1.8 4.7

Products Affected

Vendor Product Version
samsung contacts_provider *
CVE-2022-36870

Pending Intent hijacking vulnerability in MTransferNotificationManager in Samsung Pay prior to version 5.0.63 for KR and 5.1.47 for Global allows attackers to access files without permission via implicit Intent.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:L 1.8 2.7
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N 2.0 4.0

Products Affected

Vendor Product Version
samsung samsung_pay *
samsung samsung_pay_kr *
CVE-2022-36871

Pending Intent hijacking vulnerability in NotiCenterUtils in Samsung Pay prior to version 5.0.63 for KR and 5.1.47 for Global allows attackers to access files without permission via implicit Intent.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:L 1.8 2.7
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N 2.0 4.0

Products Affected

Vendor Product Version
samsung samsung_pay *
samsung samsung_pay_kr *
CVE-2022-36872

Pending Intent hijacking vulnerability in SpayNotification in Samsung Pay prior to version 5.0.63 for KR and 5.1.47 for Global allows attackers to access files without permission via implicit Intent.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N 2.0 4.0
mobile.security@samsung.com 5.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:L 1.8 2.7

Products Affected

Vendor Product Version
samsung samsung_pay *
samsung samsung_pay_kr *
CVE-2022-36873

Improper restriction of broadcasting Intent in GalaxyStoreBridgePageLinker of?Waterplugin prior to version 2.2.11.22081151 leaks MAC address of the connected Bluetooth device.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 2.8 3.6
mobile.security@samsung.com 5.9 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 2.5 3.4

Products Affected

Vendor Product Version
samsung galaxy_watch_plugin *
CVE-2022-36874

Improper Handling of Insufficient Permissions or Privileges vulnerability in Waterplugin prior to 2.2.11.22040751 allows attacker to access device IMEI and Serial number.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.9 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 2.5 3.4
nvd@nist.gov 6.2 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 2.5 3.6

Products Affected

Vendor Product Version
samsung galaxy_watch_plugin *
CVE-2022-36875

Improper restriction of broadcasting Intent in SaWebViewRelayActivity of?Waterplugin prior to version 2.2.11.22081151 allows attacker to access the file without permission.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6
mobile.security@samsung.com 6.6 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L 1.8 4.7

Products Affected

Vendor Product Version
samsung galaxy_watch_plugin *
CVE-2022-36876

Improper authorization in UPI payment in Samsung Pass prior to version 4.0.04.10 allows physical attackers to access account list without authentication.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 2.4 LOW CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 0.9 1.4
mobile.security@samsung.com 1.8 LOW CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N 0.3 1.4

Products Affected

Vendor Product Version
samsung samsung_pass *
CVE-2022-36877

Exposure of Sensitive Information in FaqSymptomCardViewModel in Samsung Members prior to versions 4.3.00.11 in Global and 14.0.02.4 in China allows local attackers to access device identification via log.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4
mobile.security@samsung.com 2.8 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N 1.3 1.4

Products Affected

Vendor Product Version
samsung samsung_members *
CVE-2022-36878

Exposure of Sensitive Information in Find My Mobile prior to version 7.2.25.14 allows local attacker to access IMEI via log.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4

Products Affected

Vendor Product Version
samsung find_my_mobile *
CVE-2022-38155

TEE_Malloc in Samsung mTower through 0.3.0 allows a trusted application to achieve Excessive Memory Allocation via a large len value, as demonstrated by a Numaker-PFM-M2351 TEE kernel crash.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
samsung mtower *
CVE-2022-39828

sign_pFwInfo in Samsung mTower through 0.3.0 has a missing check on the return value of EC_KEY_set_private_key, leading to a denial of service.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
samsung mtower *
CVE-2022-39829

There is a NULL pointer dereference in aes256_encrypt in Samsung mTower through 0.3.0 due to a missing check on the return value of EVP_CIPHER_CTX_new.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
samsung mtower *
CVE-2022-39830

sign_pFwInfo in Samsung mTower through 0.3.0 has a missing check on the return value of EC_KEY_set_public_key_affine_coordinates, leading to a denial of service.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
samsung mtower *
CVE-2022-39844

Improper validation of integrity check vulnerability in Smart Switch PC prior to version 4.3.22083 allows local attackers to delete arbitrary directory using directory junction.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N 1.8 3.6
nvd@nist.gov 7.1 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H 1.8 5.2

Products Affected

Vendor Product Version
samsung smart_switch_pc *
CVE-2022-39845

Improper validation of integrity check vulnerability in Samsung Kies prior to version 2.6.4.22074 allows local attackers to delete arbitrary directory using directory junction.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.1 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H 1.8 5.2
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung kies *
CVE-2022-39846

DLL hijacking vulnerability in Smart Switch PC prior to version 4.3.22083_3 allows attacker to execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.2 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 2.5 3.6
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
samsung smart_switch_pc *
CVE-2022-39857

Improper access control vulnerability in CameraTestActivity in FactoryCameraFB prior to version 3.5.51 allows attackers to access broadcasting Intent as system uid privilege.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6
mobile.security@samsung.com 7.3 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L 2.5 4.7

Products Affected

Vendor Product Version
samsung factorycamerafb *
CVE-2022-39858

Path traversal vulnerability in AtBroadcastReceiver in FactoryCamera prior to version 3.5.51 allows attackers to write arbitrary file as FactoryCamera privilege.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9
mobile.security@samsung.com 7.3 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L 2.5 4.7

Products Affected

Vendor Product Version
samsung factorycamera *
CVE-2022-39859

Implicit intent hijacking vulnerability in UPHelper library prior to version 3.0.12 allows attackers to access sensitive information via implicit intent.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4

Products Affected

Vendor Product Version
samsung uphelper_library *
CVE-2022-39860

Improper access control vulnerability in QuickShare prior to version 13.2.3.5 allows attackers to access sensitive information via implicit broadcast.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.4 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L 1.8 2.5
nvd@nist.gov 3.5 LOW CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N 2.1 1.4

Products Affected

Vendor Product Version
samsung quick_share *
CVE-2022-39861

Unprotected Receiver in AtBroadcastReceiver in FactoryCamera prior to version 3.5.51 allows attackers to record video without camera privilege.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.9 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 2.5 3.4
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N 1.8 1.4

Products Affected

Vendor Product Version
samsung factorycamera *
CVE-2022-39862

Improper authorization in Dynamic Lockscreen prior to SMR Sep-2022 Release 1 in Android R(11) and 3.3.03.66 in Android S(12) allows unauthorized use of javascript interface api.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
samsung dynamic_lockscreen *
CVE-2022-39863

Intent redirection vulnerability in Samsung Account prior to version 13.5.01.3 allows attackers to access content providers without permission.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 3.6 LOW CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N 1.8 1.4
nvd@nist.gov 4.7 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N 2.8 1.4

Products Affected

Vendor Product Version
samsung account *
CVE-2022-39864

Improper access control vulnerability in WifiSetupLaunchHelper in SmartThings prior to version 1.7.89.25 allows attackers to access sensitive information via implicit intent.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6
mobile.security@samsung.com 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N 1.8 1.4

Products Affected

Vendor Product Version
samsung smartthings *
CVE-2022-39865

Improper access control vulnerability in ContentsSharingActivity.java SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via implicit broadcast.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4

Products Affected

Vendor Product Version
samsung smartthings *
CVE-2022-39866

Improper access control vulnerability in RegisteredEventMediator.kt SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via implicit broadcast.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4

Products Affected

Vendor Product Version
samsung smartthings *
CVE-2022-39867

Improper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via SHOW_PERSISTENT_BANNER broadcast.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

Products Affected

Vendor Product Version
samsung smartthings *
CVE-2022-39868

Improper access control vulnerability in GedSamsungAccount.kt SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via implicit broadcast.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

Products Affected

Vendor Product Version
samsung smartthings *
CVE-2022-39869

Improper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via REMOVE_PERSISTENT_BANNER broadcast.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4

Products Affected

Vendor Product Version
samsung smartthings *
CVE-2022-39870

Improper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via PUSH_MESSAGE_RECEIVED broadcast.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

Products Affected

Vendor Product Version
samsung smartthings *
CVE-2022-39871

Improper access control vulnerability cloudNotificationManager.java in SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via implicit broadcasts.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

Products Affected

Vendor Product Version
samsung smartthings *
CVE-2022-39872

Improper restriction of broadcasting Intent in ShareLive prior to version 13.2.03.5 leaks MAC address of the connected Bluetooth device.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4
mobile.security@samsung.com 5.9 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 2.5 3.4

Products Affected

Vendor Product Version
samsung sharelive *
CVE-2022-39873

Improper authorization vulnerability in Samsung Internet prior to version 18.0.4.14 allows physical attackers to add bookmarks in secret mode without user authentication.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.3 MEDIUM CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 0.7 3.6
nvd@nist.gov 4.6 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 0.9 3.6

Products Affected

Vendor Product Version
samsung internet *
CVE-2022-39874

Sensitive log information leakage vulnerability in Samsung Account prior to version 13.5.0 allows attackers to unauthorized logout.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung account *
CVE-2022-39875

Improper component protection vulnerability in Samsung Account prior to version 13.5.0 allows attackers to unauthorized logout.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.4 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L 1.8 2.5
mobile.security@samsung.com 5.1 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L 2.5 2.5

Products Affected

Vendor Product Version
samsung account *
CVE-2022-39876

Insertion of Sensitive Information into Log in PushRegIdUpdateClient of SReminder prior to 8.2.01.13 allows attacker to access device IMEI.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4
mobile.security@samsung.com 5.9 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 2.5 3.4

Products Affected

Vendor Product Version
samsung reminder *
CVE-2022-39877

Improper access control vulnerability in ProfileSharingAccount in Group Sharing prior to versions 13.0.6.15 in Android S(12), 13.0.6.14 in Android R(11) and below allows attackers to identify the device.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4

Products Affected

Vendor Product Version
samsung group_sharing *
CVE-2022-39878

Improper access control vulnerability in Samsung Checkout prior to version 5.0.55.3 allows attackers to access sensitive information via implicit intent broadcast.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4

Products Affected

Vendor Product Version
samsung checkout *
CVE-2022-39881

Improper input validation vulnerability for processing SIB12 PDU in Exynos modems prior to SMR Sep-2022 Release allows remote attacker to read out of bounds memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.1 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H 3.9 5.2
mobile.security@samsung.com 5.3 MEDIUM CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H 1.6 3.6

Products Affected

Vendor Product Version
samsung exynos_firmware -
CVE-2022-39889

Improper access control vulnerability in GalaxyWatch4Plugin prior to versions 2.2.11.22101351 and 2.2.12.22101351 allows attackers to access wearable device information.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4

Products Affected

Vendor Product Version
samsung galaxywatch4plugin *
samsung galaxywatch4plugin 2.2.11.22102751
CVE-2022-39890

Improper Authorization in Samsung Billing prior to version 5.0.56.0 allows attacker to get sensitive information.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6
mobile.security@samsung.com 6.2 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 2.5 3.6

Products Affected

Vendor Product Version
samsung billing *
CVE-2022-39891

Heap overflow vulnerability in parse_pce function in libsavsaudio.so in Editor Lite prior to version 4.0.41.3 allows attacker to get information.

Products Affected

Vendor Product Version
samsung editor_lite *
CVE-2022-39892

Improper access control in Samsung Pass prior to version 4.0.05.1 allows attackers to unauthenticated access via keep open feature.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 3.6 LOW CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N 1.8 1.4
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
samsung pass *
CVE-2022-39893

Sensitive information exposure vulnerability in FmmBaseModel in Galaxy Buds Pro Manage prior to version 4.1.22092751 allows local attackers with log access permission to get device identifier data through device log.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4

Products Affected

Vendor Product Version
samsung galaxy_buds_pro_manage *
CVE-2022-39901

Improper authentication in Exynos baseband prior to SMR DEC-2022 Release 1 allows remote attacker to disable the network traffic encryption between UE and gNodeB.

Products Affected

Vendor Product Version
samsung exynos_firmware -
CVE-2022-39902

Improper authorization in Exynos baseband prior to SMR DEC-2022 Release 1 allows remote attacker to get sensitive information including IMEI via emergency call.

Products Affected

Vendor Product Version
samsung exynos_firmware -
CVE-2022-39909

Insufficient verification of data authenticity vulnerability in Samsung Gear IconX PC Manager prior to version 2.1.221019.51 allows local attackers to create arbitrary file using symbolic link.

Products Affected

Vendor Product Version
samsung gear_iconx_pc_manager *
CVE-2022-39910

Improper access control vulnerability in Samsung Pass prior to version 4.0.06.7 allow physical attackers to access data of Samsung Pass on a certain state of an unlocked device using pop-up view.

Products Affected

Vendor Product Version
samsung pass *
CVE-2022-39911

Improper check or handling of exceptional conditions vulnerability in Samsung Pass prior to version 4.0.06.1 allows attacker to access Samsung Pass.

Products Affected

Vendor Product Version
samsung pass *
CVE-2022-39915

Improper access control vulnerability in Calendar prior to versions 11.6.08.0 in Android Q(10), 12.2.11.3000 in Android R(11), 12.3.07.2000 in Android S(12), and 12.4.02.0 in Android T(13) allows attackers to access sensitive information via implicit intent.

Products Affected

Vendor Product Version
samsung calendar *
CVE-2022-40278

An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PRE). createDB in security/provisioning/src/provisioningdatabasemanager.c has a missing sqlite3_free after sqlite3_exec, leading to a denial of service.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
samsung tizenrt 1.0
samsung tizenrt 3.0
samsung tizenrt 3.1
samsung tizenrt 1.1
samsung tizenrt 2.0
CVE-2022-40279

An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PRE). l2_packet_receive_timeout in wpa_supplicant/src/l2_packet/l2_packet_pcap.c has a missing check on the return value of pcap_dispatch, leading to a denial of service (malfunction).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
samsung tizenrt 1.0
samsung tizenrt 3.0
samsung tizenrt 3.1
samsung tizenrt 1.1
samsung tizenrt 2.0
CVE-2022-40280

An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PRE). createDB in security/provisioning/src/provisioningdatabasemanager.c has a missing sqlite3_close after sqlite3_open_v2, leading to a denial of service.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
samsung tizenrt 1.0
samsung tizenrt 3.0
samsung tizenrt 1.1
samsung tizenrt 2.0
CVE-2022-40281

An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PRE). cyassl_connect_step2 in curl/vtls/cyassl.c has a missing X509_free after SSL_get_peer_certificate, leading to information disclosure.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

Products Affected

Vendor Product Version
samsung tizenrt 1.0
samsung tizenrt 3.0
samsung tizenrt 1.1
samsung tizenrt 2.0
CVE-2022-40757

A Buffer Access with Incorrect Length Value vulnerablity in the TEE_MACComputeFinal function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_MACComputeFinal with an excessive size value of messageLen.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
samsung mtower *
CVE-2022-40758

A Buffer Access with Incorrect Length Value vulnerablity in the TEE_CipherUpdate function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_CipherUpdate with an excessive size value of srcLen.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
samsung mtower *
CVE-2022-40759

A NULL pointer dereference issue in the TEE_MACCompareFinal function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_MACCompareFinal with a NULL pointer for the parameter operation.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
samsung mtower *
CVE-2022-40760

A Buffer Access with Incorrect Length Value vulnerablity in the TEE_MACUpdate function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_MACUpdate with an excessive size value of chunkSize.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
samsung mtower *
CVE-2022-40761

The function tee_obj_free in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_AllocateOperation with a disturbed heap layout, related to utee_cryp_obj_alloc.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
samsung mtower *
CVE-2022-40762

A Memory Allocation with Excessive Size Value vulnerablity in the TEE_Realloc function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_Realloc with an excessive number for the parameter len.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
samsung mtower *
CVE-2022-44636

The Samsung TV (2021 and 2022 model) smart remote control allows attackers to enable microphone access via Bluetooth spoofing when a user is activating remote control by pressing a button. This is fixed in xxx72510, E9172511 for 2021 models, xxxA1000, 4x2A0200 for 2022 models.

Products Affected

Vendor Product Version
samsung t-oscpuabc_firmware -
samsung t-oscpdeuc_firmware -
samsung t-ksu2eakuc_firmware -
samsung t-nkm2deuc_firmware -
samsung t-ksu2euab_firmware -
samsung t-ptmakuc_firmware -
samsung t-nkm2uabc_firmware -
samsung t-ksu2edeuc_firmware -
samsung t-nkluabc_firmware -
samsung t-ptmdeuc_firmware -
samsung t-nkm2akuc_firmware -
samsung t-ptmuabc_firmware -
samsung t-nkldeuc_firmware -
samsung t-oscpakuc_firmware -
samsung t-nklakuc_firmware -
CVE-2022-4894

Certain HP and Samsung Printer software packages may potentially be vulnerable to elevation of privilege due to Uncontrolled Search Path Element.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.3 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H 1.3 5.9

Products Affected

Vendor Product Version
hp 4zb97a_firmware -
hp 715a2a_firmware -
samsung ss256d_firmware -
samsung ss348c_firmware -
samsung 7fr05a#ab1_firmware -
samsung ss076s_firmware -
samsung ss107b_firmware -
samsung ss352n_firmware -
samsung ss365e_firmware -
samsung ss343a_firmware -
samsung ss049e_firmware -
samsung ss204m_firmware -
samsung 3b0c1a#304_firmware -
samsung 7fq98a#ab1_firmware -
samsung ss395e_firmware -
samsung ss390b_firmware -
samsung ss322b_firmware -
samsung st688e_firmware -
samsung ss343h_firmware -
samsung ss354a_firmware -
samsung ss327d_firmware -
hp 4zb86a_firmware -
samsung ss205d_firmware -
samsung st679a_firmware -
samsung ss387a_firmware -
samsung ss326e_firmware -
samsung ss211j_firmware -
samsung ss230n_firmware -
samsung ss108e_firmware -
samsung 3b0c5a#ab1_firmware -
samsung ss229c_firmware -
samsung st679c_firmware -
hp 714z7a_firmware -
samsung ss043f_firmware -
samsung ss150t_firmware -
samsung 7gf50a#ab1_firmware -
samsung ss326a_firmware -
samsung ss027f_firmware -
samsung ss368g_firmware -
samsung ss377d_firmware -
samsung ss105d_firmware -
samsung ss398b_firmware -
samsung ss216h_firmware -
samsung ss349b_firmware -
samsung ss195b_firmware -
samsung ss153h_firmware -
samsung ss106j_firmware -
samsung ss365g_firmware -
samsung ss213a_firmware -
samsung ss204a_firmware -
samsung ss216g_firmware -
samsung ss205f_firmware -
samsung ss150s_firmware -
samsung ss390h_firmware -
samsung ss043l_firmware -
samsung ss392a_firmware -
samsung ss271g_firmware -
samsung ss383c_firmware -
samsung ss369a_firmware -
samsung ss195a_firmware -
samsung ss383y_firmware -
samsung ss043c_firmware -
samsung ss395j_firmware -
samsung ss343c_firmware -
samsung ss343j_firmware -
samsung ss230k_firmware -
samsung ss257f_firmware -
samsung ss257q_firmware -
samsung ss397g_firmware -
samsung ss367e_firmware -
samsung 7fq94a#ab1_firmware -
samsung ss204k_firmware -
samsung ss041f_firmware -
samsung ss042c_firmware -
samsung ss283a_firmware -
samsung st684a_firmware -
samsung ss230b_firmware -
samsung ss103a_firmware -
samsung ss271n_firmware -
samsung ss365l_firmware -
samsung st673a_firmware -
samsung ss367b_firmware -
samsung ss342e_firmware -
samsung ss390c_firmware -
samsung ss229j_firmware -
samsung ss211f_firmware -
samsung ss058f_firmware -
hp 7zb20a_firmware -
samsung ss076t_firmware -
samsung ss229g_firmware -
samsung ss076j_firmware -
samsung sw116b_firmware -
samsung st679d_firmware -
samsung ss334c_firmware -
samsung ss339b_firmware -
samsung ss257j_firmware -
samsung ss340b_firmware -
samsung ss352j_firmware -
samsung ss383t_firmware -
samsung ss153j_firmware -
samsung ss217a_firmware -
samsung ss107l_firmware -
samsung ss058b_firmware -
samsung ss257a_firmware -
samsung ss336b_firmware -
samsung 8pa14a#302_firmware -
samsung 3b0d1a#ab1_firmware -
samsung ss389q_firmware -
samsung ss272a_firmware -
samsung ss353a_firmware -
samsung ss383p_firmware -
samsung 7gf48a#ab1_firmware -
samsung ss342f_firmware -
samsung ss352k_firmware -
samsung ss076n_firmware -
samsung ss104a_firmware -
samsung ss343b_firmware -
samsung ss041d_firmware -
samsung ss390d_firmware -
hp 6hu09a_firmware -
samsung ss150q_firmware -
samsung st695c_firmware -
samsung ss356a_firmware -
samsung ss219f_firmware -
hp 4zb90a_firmware -
samsung ss396c_firmware -
samsung ss368d_firmware -
samsung ss384c_firmware -
samsung ss049j_firmware -
samsung ss257l_firmware -
samsung ss027l_firmware -
samsung ss049k_firmware -
samsung ss256g_firmware -
samsung ss205m_firmware -
samsung ss272e_firmware -
samsung ss353c_firmware -
samsung ss272l_firmware -
samsung ss107d_firmware -
samsung ss338a_firmware -
samsung ss216c_firmware -
samsung 7fq95a#ab1_firmware -
samsung ss218g_firmware -
samsung ss049c_firmware -
samsung ss382a_firmware -
samsung ss339f_firmware -
samsung ss041g_firmware -
samsung ss058j_firmware -
samsung ss334f_firmware -
hp 209u7a_firmware -
samsung st695d_firmware -
samsung ss058h_firmware -
samsung ss359z_firmware -
samsung ss033a_firmware -
samsung ss365f_firmware -
samsung ss218h_firmware -
samsung 7fq86a#ab1_firmware -
samsung ss058a_firmware -
samsung ss033g_firmware -
samsung ss043k_firmware -
samsung ss234a_firmware -
samsung ss219c_firmware -
samsung ss395k_firmware -
samsung ss387b_firmware -
samsung 3b0c9a#304_firmware -
samsung ss076h_firmware -
samsung ss395c_firmware -
samsung ss339e_firmware -
samsung ss383e_firmware -
samsung ss213f_firmware -
samsung ss107h_firmware -
samsung ss216u_firmware -
samsung ss383s_firmware -
samsung ss033h_firmware -
samsung ss256e_firmware -
samsung ss331a_firmware -
samsung ss351a_firmware -
samsung st679e_firmware -
samsung ss076w_firmware -
samsung ss213b_firmware -
samsung ss271d_firmware -
samsung ss368j_firmware -
samsung ss204e_firmware -
hp 4zb79a_firmware -
samsung ss150h_firmware -
samsung ss390g_firmware -
samsung ss211g_firmware -
samsung ss391e_firmware -
samsung ss230e_firmware -
samsung ss395s_firmware -
samsung ss027c_firmware -
samsung ss106f_firmware -
samsung ss383m_firmware -
samsung ss352b_firmware -
samsung ss198a_firmware -
samsung ss396b_firmware -
samsung ss396g_firmware -
samsung ss395n_firmware -
samsung ss342g_firmware -
hp 4zb96a_firmware -
samsung ss076v_firmware -
samsung ss041b_firmware -
samsung ss153d_firmware -
samsung ss043g_firmware -
samsung ss257z_firmware -
samsung ss377a_firmware -
samsung ss210e_firmware -
samsung st679f_firmware -
samsung ss229d_firmware -
samsung 3b0c3a#ab1_firmware -
samsung ss389e_firmware -
samsung ss150j_firmware -
samsung ss282b_firmware -
samsung ss275c_firmware -
samsung ss359p_firmware -
samsung ss380c_firmware -
samsung ss359l_firmware -
samsung ss377h_firmware -
samsung ss349a_firmware -
samsung ss359m_firmware -
samsung ss343g_firmware -
samsung ss365j_firmware -
samsung 3b0c0a#301_firmware -
samsung ss204g_firmware -
samsung ss216j_firmware -
samsung ss258a_firmware -
samsung ss033l_firmware -
samsung ss383a_firmware -
hp 7zb19a_firmware -
samsung ss377p_firmware -
samsung ss106n_firmware -
samsung ss102a_firmware -
hp 7uq76a_firmware -
samsung ss216a_firmware -
samsung sw176a_firmware -
samsung ss395p_firmware -
samsung ss404f_firmware -
samsung ss404j_firmware -
samsung ss255b_firmware -
samsung ss393c_firmware -
samsung ss033f_firmware -
samsung ss271b_firmware -
samsung ss205u_firmware -
samsung ss359d_firmware -
samsung ss218k_firmware -
samsung ss263b_firmware -
samsung ss397p_firmware -
samsung ss150a_firmware -
samsung ss397m_firmware -
hp 5ue14a_firmware -
samsung ss287a_firmware -
samsung ss342b_firmware -
samsung ss352g_firmware -
samsung st693c_firmware -
hp 8af50a_firmware -
samsung ss378d_firmware -
samsung st689a_firmware -
samsung ss230d_firmware -
samsung ss272z_firmware -
samsung ss404g_firmware -
samsung ss271p_firmware -
samsung st690b_firmware -
samsung ss076k_firmware -
samsung ss383l_firmware -
samsung ss106d_firmware -
samsung ss334b_firmware -
samsung ss359e_firmware -
samsung st685a_firmware -
samsung ss397f_firmware -
samsung ss108l_firmware -
samsung ss042b_firmware -
samsung ss404b_firmware -
samsung ss218b_firmware -
samsung ss044b_firmware -
samsung sv899c_firmware -
samsung 3a9x7a#ab1_firmware -
samsung ss105j_firmware -
samsung ss204l_firmware -
samsung ss205s_firmware -
samsung ss254b_firmware -
samsung 3a9x2a#301_firmware -
samsung ss150m_firmware -
samsung sw192a_firmware -
samsung ss205z_firmware -
samsung ss383n_firmware -
hp 7zb21a_firmware -
samsung ss229e_firmware -
samsung ss076q_firmware -
samsung ss389s_firmware -
samsung ss334e_firmware -
samsung ss378g_firmware -
samsung ss108h_firmware -
samsung ss218c_firmware -
samsung ss389p_firmware -
samsung ss276c_firmware -
samsung ss213d_firmware -
samsung 8pa12a#302_firmware -
samsung st684b_firmware -
samsung ss106z_firmware -
samsung ss396h_firmware -
samsung ss209a_firmware -
hp 4zb85a_firmware -
samsung ss151a_firmware -
samsung ss281b_firmware -
samsung ss339g_firmware -
samsung ss196c_firmware -
samsung ss395a_firmware -
samsung ss058c_firmware -
hp 6hu11a_firmware -
samsung ss105e_firmware -
samsung ss394a_firmware -
samsung ss404m_firmware -
samsung ss254d_firmware -
samsung ss105a_firmware -
samsung st686f_firmware -
samsung ss044f_firmware -
samsung ss365m_firmware -
samsung ss268b_firmware -
samsung ss365k_firmware -
samsung ss336a_firmware -
samsung ss076a_firmware -
samsung ss391b_firmware -
samsung ss389b_firmware -
samsung ss106l_firmware -
samsung ss260a_firmware -
samsung ss150p_firmware -
samsung ss059j_firmware -
samsung ss150c_firmware -
samsung st693d_firmware -
samsung ss107e_firmware -
samsung ss397d_firmware -
samsung ss404p_firmware -
samsung ss205a_firmware -
samsung ss219b_firmware -
samsung ss383k_firmware -
samsung ss256z_firmware -
samsung ss044h_firmware -
samsung ss216k_firmware -
samsung ss359f_firmware -
samsung ss211a_firmware -
samsung ss076m_firmware -
samsung ss106k_firmware -
samsung ss255a_firmware -
samsung ss395m_firmware -
samsung ss264a_firmware -
samsung ss205k_firmware -
samsung ss257d_firmware -
samsung ss216b_firmware -
hp w7u01a_firmware -
samsung ss276a_firmware -
samsung ss106p_firmware -
samsung ss076c_firmware -
samsung st683c_firmware -
samsung 7fr03a#ab1_firmware -
samsung ss210n_firmware -
samsung ss216m_firmware -
samsung 3a9x8a#ab1_firmware -
samsung 3b0c6a#312_firmware -
samsung ss211l_firmware -
hp 4zb87a_firmware -
samsung ss378c_firmware -
samsung 7fq99a#ab1_firmware -
samsung ss033n_firmware -
samsung ss075j_firmware -
hp 8af51a_firmware -
samsung ss282a_firmware -
samsung ss107n_firmware -
samsung ss383g_firmware -
samsung ss230g_firmware -
samsung ss384b_firmware -
samsung ss108k_firmware -
samsung ss404n_firmware -
samsung ss196e_firmware -
samsung ss049n_firmware -
samsung ss340d_firmware -
samsung ss330b_firmware -
samsung st683e_firmware -
samsung ss262a_firmware -
samsung 7fq90a#ab1_firmware -
hp 2ky38a_firmware -
samsung ss378f_firmware -
samsung st688j_firmware -
samsung ss404k_firmware -
samsung ss328a_firmware -
samsung ss396d_firmware -
samsung ss106s_firmware -
samsung ss043b_firmware -
samsung st694c_firmware -
samsung ss383b_firmware -
samsung ss216z_firmware -
samsung ss150e_firmware -
samsung ss397j_firmware -
samsung ss275a_firmware -
samsung ss044k_firmware -
samsung ss275b_firmware -
samsung ss027k_firmware -
samsung st686d_firmware -
samsung ss076e_firmware -
samsung ss397l_firmware -
samsung ss272p_firmware -
samsung ss150f_firmware -
samsung ss277b_firmware -
samsung sv531a_firmware -
samsung ss205j_firmware -
samsung ss389f_firmware -
samsung ss381a_firmware -
samsung st688a_firmware -
samsung 3a9x1a#ab1_firmware -
samsung st694d_firmware -
samsung ss359n_firmware -
samsung ss389k_firmware -
samsung ss369b_firmware -
samsung ss256k_firmware -
samsung ss108d_firmware -
samsung ss340a_firmware -
samsung ss218a_firmware -
samsung ss204h_firmware -
samsung ss256a_firmware -
hp 8af49a_firmware -
samsung ss229h_firmware -
samsung ss391c_firmware -
samsung ss277a_firmware -
samsung ss369e_firmware -
samsung 7gf53a#ab1_firmware -
samsung ss322c_firmware -
hp 7zb72a_firmware -
samsung ss205h_firmware -
samsung ss254f_firmware -
samsung ss043d_firmware -
samsung ss204d_firmware -
samsung ss335e_firmware -
samsung ss150l_firmware -
samsung ss076l_firmware -
samsung ss322a_firmware -
samsung st686e_firmware -
hp 4zb84a_firmware -
samsung ss359c_firmware -
samsung ss210c_firmware -
samsung ss218e_firmware -
samsung 3b0c8a#ab1_firmware -
samsung ss044l_firmware -
samsung sw176b_firmware -
samsung ss230s_firmware -
samsung st679b_firmware -
samsung ss076f_firmware -
samsung ss076g_firmware -
samsung ss105h_firmware -
samsung ss388a_firmware -
samsung ss272q_firmware -
samsung ss389g_firmware -
samsung ss395g_firmware -
samsung ss049b_firmware -
samsung 7fq93a#ab1_firmware -
samsung st688f_firmware -
samsung 3b0d3a#301_firmware -
samsung ss268a_firmware -
samsung ss152c_firmware -
samsung ss211m_firmware -
samsung ss076b_firmware -
samsung ss353b_firmware -
samsung ss352e_firmware -
samsung ss272k_firmware -
samsung ss107k_firmware -
samsung ss059c_firmware -
samsung ss059g_firmware -
samsung ss210j_firmware -
samsung ss149a_firmware -
hp 6hu10a_firmware -
samsung ss219d_firmware -
samsung ss377f_firmware -
samsung ss154b_firmware -
samsung ss342d_firmware -
hp 715a6a_firmware -
samsung ss272n_firmware -
samsung ss027d_firmware -
samsung ss359j_firmware -
samsung ss324a_firmware -
samsung ss396f_firmware -
samsung ss386b_firmware -
samsung ss271k_firmware -
samsung st690a_firmware -
samsung ss385a_firmware -
hp 6hu08a_firmware -
samsung st686c_firmware -
samsung ss256n_firmware -
samsung ss257e_firmware -
samsung ss210f_firmware -
samsung 3b0c4a#301_firmware -
samsung ss230f_firmware -
samsung ss281c_firmware -
samsung st682b_firmware -
samsung ss333a_firmware -
samsung ss107m_firmware -
samsung 7gf47a#ab1_firmware -
samsung ss076d_firmware -
samsung ss389z_firmware -
samsung ss395f_firmware -
samsung ss343d_firmware -
samsung ss042j_firmware -
samsung ss377b_firmware -
samsung ss337a_firmware -
samsung 7gf55a#ab1_firmware -
samsung ss326d_firmware -
samsung ss033e_firmware -
samsung ss044g_firmware -
samsung st683d_firmware -
samsung ss042d_firmware -
samsung ss211b_firmware -
samsung ss343f_firmware -
samsung ss335c_firmware -
samsung ss204p_firmware -
samsung ss326c_firmware -
samsung ss107q_firmware -
samsung ss377k_firmware -
samsung ss377n_firmware -
samsung ss359h_firmware -
samsung ss404c_firmware -
samsung ss205q_firmware -
samsung ss196h_firmware -
samsung ss108j_firmware -
samsung st687a_firmware -
samsung ss389m_firmware -
samsung ss233a_firmware -
samsung ss058g_firmware -
samsung ss150k_firmware -
samsung ss230j_firmware -
samsung ss107f_firmware -
hp 4zb83a_firmware -
samsung ss211d_firmware -
samsung ss278a_firmware -
samsung ss386a_firmware -
samsung ss349f_firmware -
samsung ss205p_firmware -
samsung ss397c_firmware -
samsung ss210d_firmware -
samsung ss389j_firmware -
samsung ss388d_firmware -
samsung ss256b_firmware -
samsung ss359b_firmware -
samsung ss257k_firmware -
samsung ss219e_firmware -
samsung ss059a_firmware -
samsung ss272s_firmware -
samsung ss384a_firmware -
samsung ss075f_firmware -
samsung ss106c_firmware -
samsung ss389l_firmware -
samsung ss107g_firmware -
samsung ss339d_firmware -
samsung ss058e_firmware -
samsung st688b_firmware -
samsung st693a_firmware -
samsung ss150g_firmware -
samsung ss352d_firmware -
samsung ss344b_firmware -
samsung ss377l_firmware -
samsung ss058d_firmware -
samsung 7fq89a#ab1_firmware -
samsung ss379b_firmware -
samsung ss334a_firmware -
samsung sw176c_firmware -
samsung ss331b_firmware -
samsung sv901b_firmware -
hp 4zb81a_firmware -
samsung ss273b_firmware -
samsung ss391d_firmware -
samsung ss256h_firmware -
samsung st690c_firmware -
hp 715a4a_firmware -
samsung ss272m_firmware -
samsung ss108a_firmware -
hp 4zb93a_firmware -
samsung ss378b_firmware -
samsung ss256f_firmware -
samsung ss389n_firmware -
samsung ss398g_firmware -
hp 714z6a_firmware -
samsung ss353g_firmware -
samsung ss398a_firmware -
samsung ss230p_firmware -
samsung st673b_firmware -
samsung ss344a_firmware -
hp 4zb92a_firmware -
samsung ss153c_firmware -
samsung ss049f_firmware -
samsung ss389h_firmware -
samsung ss365a_firmware -
samsung ss204c_firmware -
samsung ss378e_firmware -
samsung ss398c_firmware -
samsung ss350a_firmware -
samsung ss042f_firmware -
samsung ss199a_firmware -
samsung ss342c_firmware -
samsung ss389c_firmware -
samsung ss204b_firmware -
samsung ss353f_firmware -
samsung ss075b_firmware -
samsung ss205t_firmware -
samsung ss272f_firmware -
samsung ss256j_firmware -
samsung ss027a_firmware -
samsung 7fr00a#ab1_firmware -
samsung ss388f_firmware -
samsung ss340c_firmware -
samsung ss335d_firmware -
samsung ss271q_firmware -
samsung ss404q_firmware -
samsung ss152a_firmware -
samsung ss033k_firmware -
samsung ss236a_firmware -
samsung ss107a_firmware -
samsung ss325a_firmware -
samsung ss388h_firmware -
samsung ss335a_firmware -
samsung 8pa10a#301_firmware -
samsung ss059e_firmware -
samsung ss404l_firmware -
samsung ss332a_firmware -
hp 4zb89a_firmware -
samsung ss335b_firmware -
samsung ss256m_firmware -
samsung ss395q_firmware -
samsung ss279a_firmware -
samsung ss033d_firmware -
samsung ss404h_firmware -
samsung ss211p_firmware -
samsung ss396e_firmware -
samsung st688c_firmware -
samsung ss271e_firmware -
samsung ss257p_firmware -
samsung ss384d_firmware -
samsung ss390a_firmware -
samsung 7fq91a#ab1_firmware -
samsung ss323a_firmware -
samsung ss059d_firmware -
samsung ss210b_firmware -
samsung ss106e_firmware -
samsung ss272t_firmware -
samsung ss343k_firmware -
samsung ss383x_firmware -
samsung ss027g_firmware -
hp 715a3a_firmware -
samsung ss254a_firmware -
samsung ss392c_firmware -
samsung ss076z_firmware -
samsung ss377e_firmware -
samsung ss044a_firmware -
samsung ss388e_firmware -
samsung ss230z_firmware -
samsung ss154a_firmware -
samsung ss196a_firmware -
samsung ss075k_firmware -
samsung ss041a_firmware -
samsung ss287b_firmware -
samsung st686g_firmware -
samsung 3b0c7a#301_firmware -
samsung ss256c_firmware -
samsung st686h_firmware -
samsung ss383j_firmware -
samsung ss075g_firmware -
samsung ss105b_firmware -
samsung ss033j_firmware -
samsung ss397q_firmware -
samsung ss349c_firmware -
samsung ss042h_firmware -
samsung ss153f_firmware -
samsung ss059f_firmware -
samsung ss343e_firmware -
samsung ss365c_firmware -
samsung ss232a_firmware -
samsung ss389t_firmware -
samsung ss107c_firmware -
samsung ss219a_firmware -
samsung ss398e_firmware -
samsung ss395l_firmware -
samsung ss327a_firmware -
samsung ss380a_firmware -
samsung ss044e_firmware -
samsung ss369d_firmware -
samsung ss043h_firmware -
samsung ss075c_firmware -
samsung ss281a_firmware -
samsung ss042a_firmware -
samsung ss216e_firmware -
samsung ss339c_firmware -
samsung ss383z_firmware -
samsung ss383w_firmware -
samsung ss378a_firmware -
samsung ss257g_firmware -
samsung ss383u_firmware -
samsung 7gf51a#ab1_firmware -
samsung ss075a_firmware -
samsung 7gf54a#ab1_firmware -
hp 5ue15a_firmware -
hp 9vv52a_firmware -
samsung ss076u_firmware -
hp 715a0a_firmware -
samsung ss353d_firmware -
hp 714z9a_firmware -
hp 4zb82a_firmware -
samsung st679g_firmware -
samsung ss365d_firmware -
samsung ss229b_firmware -
samsung ss150d_firmware -
samsung 7gf49a#ab1_firmware -
samsung ss383d_firmware -
samsung ss106t_firmware -
samsung ss342a_firmware -
samsung ss033c_firmware -
samsung ss370a_firmware -
samsung ss272j_firmware -
samsung ss404e_firmware -
samsung ss256l_firmware -
samsung ss368f_firmware -
samsung ss259a_firmware -
samsung ss265a_firmware -
samsung ss352h_firmware -
samsung ss395d_firmware -
samsung ss205n_firmware -
samsung ss027e_firmware -
hp 715a5a_firmware -
samsung ss267a_firmware -
samsung ss044j_firmware -
samsung sw112b_firmware -
samsung ss335f_firmware -
samsung ss254e_firmware -
samsung ss229f_firmware -
samsung ss378h_firmware -
samsung ss216t_firmware -
samsung ss106g_firmware -
samsung st695b_firmware -
samsung ss359a_firmware -
samsung 7fr01a#ab1_firmware -
samsung ss352a_firmware -
samsung ss229a_firmware -
samsung ss108g_firmware -
samsung ss257n_firmware -
samsung ss105f_firmware -
samsung ss211n_firmware -
samsung ss256q_firmware -
samsung ss210m_firmware -
samsung ss044d_firmware -
samsung ss383q_firmware -
samsung ss216n_firmware -
samsung ss256t_firmware -
samsung ss391a_firmware -
samsung ss284b_firmware -
samsung ss367d_firmware -
hp w7u02a_firmware -
samsung ss380b_firmware -
samsung ss397h_firmware -
samsung ss335g_firmware -
samsung ss196b_firmware -
samsung ss049l_firmware -
samsung ss211k_firmware -
samsung ss105g_firmware -
samsung 3a9x4a#ab1_firmware -
samsung ss027j_firmware -
samsung 7fr02a#ab1_firmware -
samsung ss049m_firmware -
samsung ss330a_firmware -
samsung ss393a_firmware -
samsung ss272c_firmware -
samsung ss033b_firmware -
samsung ss357a_firmware -
samsung ss230q_firmware -
samsung ss368h_firmware -
samsung ss153b_firmware -
samsung ss044c_firmware -
samsung ss352q_firmware -
samsung ss367c_firmware -
samsung ss041h_firmware -
samsung ss237a_firmware -
samsung ss388l_firmware -
samsung ss368c_firmware -
samsung ss377c_firmware -
samsung ss389u_firmware -
samsung ss352c_firmware -
samsung ss230c_firmware -
samsung ss388g_firmware -
samsung ss076p_firmware -
samsung ss349e_firmware -
samsung ss254c_firmware -
samsung ss257h_firmware -
samsung 8pa11a#301_firmware -
samsung ss384e_firmware -
samsung ss404a_firmware -
hp 4zb80a_firmware -
samsung ss042g_firmware -
samsung ss041c_firmware -
samsung ss210l_firmware -
hp 715a1a_firmware -
samsung ss377g_firmware -
samsung ss108f_firmware -
samsung ss257c_firmware -
samsung ss367a_firmware -
samsung ss107j_firmware -
samsung st683a_firmware -
samsung ss049d_firmware -
samsung ss359g_firmware -
samsung ss383h_firmware -
samsung ss230h_firmware -
samsung ss386d_firmware -
samsung ss216s_firmware -
samsung ss106h_firmware -
samsung ss397n_firmware -
samsung ss393b_firmware -
samsung ss386e_firmware -
samsung ss216f_firmware -
samsung ss397b_firmware -
samsung ss205g_firmware -
samsung ss274b_firmware -
samsung ss230a_firmware -
samsung ss377j_firmware -
samsung ss388k_firmware -
samsung ss106q_firmware -
samsung ss329a_firmware -
samsung ss398d_firmware -
samsung ss216p_firmware -
samsung ss353h_firmware -
samsung ss027h_firmware -
samsung ss108b_firmware -
samsung ss327c_firmware -
samsung st682c_firmware -
samsung ss041j_firmware -
samsung st695a_firmware -
samsung ss391f_firmware -
samsung ss256p_firmware -
samsung st682a_firmware -
samsung ss153g_firmware -
samsung ss334d_firmware -
hp 8af52a_firmware -
samsung ss150b_firmware -
samsung ss049h_firmware -
samsung ss285a_firmware -
samsung ss326b_firmware -
samsung ss352p_firmware -
samsung ss398f_firmware -
samsung ss368a_firmware -
samsung ss215a_firmware -
samsung ss272h_firmware -
hp 1vr14a_firmware -
samsung ss043j_firmware -
samsung ss286a_firmware -
samsung ss330c_firmware -
hp 2zn50a_firmware -
samsung ss271a_firmware -
samsung ss059b_firmware -
samsung ss383f_firmware -
samsung ss348a_firmware -
samsung ss365b_firmware -
samsung ss205b_firmware -
samsung ss368e_firmware -
samsung ss352m_firmware -
samsung 3a9x3a#ab1_firmware -
samsung ss041e_firmware -
samsung ss378k_firmware -
samsung ss042e_firmware -
samsung ss153l_firmware -
samsung ss210a_firmware -
samsung 7fq88a#ab1_firmware -
samsung ss213h_firmware -
samsung st686a_firmware -
samsung st683b_firmware -
samsung ss230m_firmware -
samsung ss271t_firmware -
samsung ss379a_firmware -
samsung ss230l_firmware -
samsung ss271s_firmware -
samsung ss348b_firmware -
samsung ss359k_firmware -
samsung ss327b_firmware -
samsung ss216q_firmware -
samsung ss271h_firmware -
samsung ss106a_firmware -
samsung ss367f_firmware -
samsung ss237b_firmware -
samsung ss108c_firmware -
samsung ss390f_firmware -
samsung ss106b_firmware -
samsung st688g_firmware -
samsung ss274a_firmware -
samsung ss276b_firmware -
samsung 7fq97a#ab1_firmware -
samsung ss204f_firmware -
samsung ss271m_firmware -
samsung ss272u_firmware -
samsung ss205c_firmware -
samsung ss076x_firmware -
samsung ss216l_firmware -
samsung ss349d_firmware -
samsung ss210g_firmware -
samsung ss261a_firmware -
samsung ss395h_firmware -
samsung ss272g_firmware -
hp 4zb91a_firmware -
samsung ss378c#304_firmware -
samsung ss378j_firmware -
samsung ss352f_firmware -
samsung st693b_firmware -
samsung st694a_firmware -
samsung ss282c_firmware -
samsung ss328b_firmware -
samsung ss365h_firmware -
samsung ss211c_firmware -
samsung 7fq96a#ab1_firmware -
samsung ss397a_firmware -
samsung ss273a_firmware -
hp 4zb94a_firmware -
samsung ss196g_firmware -
samsung ss075d_firmware -
hp 6hu12a_firmware -
samsung ss216v_firmware -
samsung ss272d_firmware -
samsung ss267b_firmware -
samsung 8pa13a#302_firmware -
samsung ss235a_firmware -
samsung ss359q_firmware -
samsung ss151b_firmware -
samsung ss353e_firmware -
samsung ss339a_firmware -
samsung ss044n_firmware -
samsung ss027b_firmware -
samsung ss377m_firmware -
samsung st694b_firmware -
samsung ss196d_firmware -
samsung ss049a_firmware -
samsung ss397k_firmware -
samsung ss213g_firmware -
samsung st673d_firmware -
samsung 7gf52a#ab1_firmware -
samsung ss383v_firmware -
samsung ss256s_firmware -
samsung ss043e_firmware -
samsung ss389d_firmware -
samsung ss404z_firmware -
hp 7zb25a_firmware -
samsung ss266a_firmware -
samsung ss196f_firmware -
samsung ss197a_firmware -
samsung sv899d_firmware -
samsung ss388j_firmware -
samsung ss395b_firmware -
samsung ss388c_firmware -
samsung ss212a_firmware -
samsung ss213c_firmware -
samsung ss341a_firmware -
samsung ss211h_firmware -
samsung ss389v_firmware -
samsung ss390e_firmware -
samsung ss257m_firmware -
samsung ss352l_firmware -
samsung ss257b_firmware -
samsung ss043a_firmware -
samsung ss386f_firmware -
samsung ss231a_firmware -
samsung ss254g_firmware -
samsung ss152b_firmware -
samsung ss353j_firmware -
samsung st673c_firmware -
samsung ss271l_firmware -
samsung ss075e_firmware -
samsung ss366a_firmware -
samsung 7fr04a#ab1_firmware -
samsung ss218d_firmware -
samsung st686b_firmware -
hp 714z8a_firmware -
samsung ss392b_firmware -
samsung st688d_firmware -
hp 4zb88a_firmware -
samsung ss255c_firmware -
samsung ss216d_firmware -
samsung ss105c_firmware -
samsung ss106m_firmware -
samsung ss204n_firmware -
samsung ss218f_firmware -
samsung ss353k_firmware -
samsung ss230t_firmware -
samsung ss049g_firmware -
samsung ss033m_firmware -
samsung ss284a_firmware -
samsung ss211e_firmware -
samsung st688h_firmware -
samsung st679h_firmware -
samsung ss075h_firmware -
samsung ss263a_firmware -
samsung ss153a_firmware -
samsung ss152d_firmware -
samsung 7fq92a#ab1_firmware -
samsung ss271j_firmware -
samsung ss369c_firmware -
samsung ss396a_firmware -
samsung ss397e_firmware -
samsung ss355a_firmware -
samsung ss210k_firmware -
samsung ss335h_firmware -
samsung 7fq87a#ab1_firmware -
hp 4zb95a_firmware -
samsung ss210h_firmware -
hp 2zn49a_firmware -
samsung ss395t_firmware -
samsung ss218j_firmware -
samsung ss044m_firmware -
samsung ss386c_firmware -
samsung ss388b_firmware -
samsung ss150n_firmware -
samsung ss153e_firmware -
samsung ss288a_firmware -
samsung ss404d_firmware -
samsung ss213e_firmware -
samsung ss205e_firmware -
samsung ss280a_firmware -
samsung ss352s_firmware -
samsung st690d_firmware -
hp 7ab26a_firmware -
samsung ss205l_firmware -
samsung ss153k_firmware -
samsung ss271f_firmware -
samsung ss272b_firmware -
samsung ss204j_firmware -
samsung ss368b_firmware -
samsung ss271c_firmware -
samsung ss389a_firmware -
CVE-2023-21420

Use of Externally-Controlled Format String vulnerabilities in STST TA prior to SMR Jan-2023 Release 1 allows arbitrary code execution.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9
mobile.security@samsung.com 7.3 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H 1.8 5.5

Products Affected

Vendor Product Version
samsung android 10.0
samsung android 11.0
CVE-2023-21421

Improper Handling of Insufficient Permissions or Privileges vulnerability in KnoxCustomManagerService prior to SMR Jan-2023 Release 1 allows attacker to access device SIM PIN.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9
mobile.security@samsung.com 5.9 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 2.5 3.4

Products Affected

Vendor Product Version
samsung android 10.0
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-21422

Improper authorization vulnerability in semAddPublicDnsAddr in WifiSevice prior to SMR Jan-2023 Release 1 allows attackers to set custom DNS server without permission via binding WifiService.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N 1.8 3.6
mobile.security@samsung.com 5.7 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:L 2.5 2.7

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
CVE-2023-21423

Improper authorization vulnerability in ChnFileShareKit prior to SMR Jan-2023 Release 1 allows attacker to control BLE advertising without permission using unprotected action.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N 1.8 3.6
mobile.security@samsung.com 5.1 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L 2.5 2.5

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 13.0
CVE-2023-21424

Improper Handling of Insufficient Permissions or Privileges vulnerability in SemChameleonHelper prior to SMR Jan-2023 Release 1 allows attacker to modify network related values, network code, carrier id and operator brand.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N 1.8 1.4
mobile.security@samsung.com 5.1 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L 2.5 2.5

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-21425

Improper access control vulnerability in telecom application prior to SMR JAN-2023 Release 1 allows local attackers to get sensitive information.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6
mobile.security@samsung.com 4.3 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N 2.5 1.4

Products Affected

Vendor Product Version
samsung android 10.0
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-21426

Hardcoded AES key to encrypt cardemulation PINs in NFC prior to SMR Jan-2023 Release 1 allows attackers to access cardemulation PIN.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.3 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N 2.5 1.4
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung android 10.0
CVE-2023-21427

Improper access control vulnerability in NfcTile prior to SMR Jan-2023 Release 1 allows to attacker to use NFC without user recognition.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 2.8 3.6
mobile.security@samsung.com 5.4 MEDIUM CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L 2.8 2.5

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-21428

Improper input validation vulnerability in TelephonyUI prior to SMR Jan-2023 Release 1 allows attackers to configure Preferred Call. The patch removes unused code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N 1.8 1.4
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 2.5 1.4

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-21429

Improper usage of implict intent in ePDG prior to SMR JAN-2023 Release 1 allows attacker to access SSID.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4

Products Affected

Vendor Product Version
samsung android 10.0
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-21430

An out-of-bound read vulnerability in mapToBuffer function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR JAN-2023 Release 1 allows attacker to cause memory access fault.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9
mobile.security@samsung.com 4.4 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L 1.8 2.5

Products Affected

Vendor Product Version
samsung android 10.0
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-21431

Improper input validation in Bixby Vision prior to version 3.7.70.17 allows attacker to access data of Bixby Vision.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4

Products Affected

Vendor Product Version
samsung bixby_vision *
CVE-2023-21432

Improper access control vulnerabilities in Smart Things prior to 1.7.93 allows to attacker to invite others without authorization of the owner.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.2 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L 0.8 3.4
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
samsung smart_things *
CVE-2023-21433

Improper access control vulnerability in Galaxy Store prior to version 4.5.49.8 allows local attackers to install applications from Galaxy Store.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
samsung galaxy_store *
CVE-2023-21434

Improper input validation vulnerability in Galaxy Store prior to version 4.5.49.8 allows local attackers to execute JavaScript by launching a web page.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7
mobile.security@samsung.com 6.2 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 2.5 3.6

Products Affected

Vendor Product Version
samsung galaxy_store *
CVE-2023-21435

Exposure of Sensitive Information vulnerability in Fingerprint TA prior to SMR Feb-2023 Release 1 allows attackers to access the memory address information via log.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.4 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N 0.8 3.6
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-21436

Improper usage of implicit intent in Contacts prior to SMR Feb-2023 Release 1 allows attacker to get account ID.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4
mobile.security@samsung.com 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N 1.8 1.4

Products Affected

Vendor Product Version
samsung android 10.0
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-21437

Improper access control vulnerability in Phone application prior to SMR Feb-2023 Release 1 allows local attackers to access sensitive information via implicit broadcast.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung android 10.0
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-21438

Improper logic in HomeScreen prior to SMR Feb-2023 Release 1 allows physical attacker to access App preview protected by Secure Folder.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 2.4 LOW CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 0.9 1.4
mobile.security@samsung.com 2.1 LOW CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N 0.7 1.4

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
CVE-2023-21439

Improper input validation vulnerability in UwbDataTxStatusEvent prior to SMR Feb-2023 Release 1 allows attackers to launch certain activities.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 8.5 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L 2.5 5.3
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 13.0
CVE-2023-21440

Improper access control vulnerability in WindowManagerService prior to SMR Feb-2023 Release 1 allows attackers to take a screen capture.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.2 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 2.5 3.6
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung android 13.0
CVE-2023-21441

Insufficient Verification of Data Authenticity vulnerability in Routine prior to versions 2.6.30.6 in Android Q(10), 3.1.21.10 in Android R(11) and 3.5.2.23 in Android S(12) allows local attacker to access protected files via unused code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 7.4 HIGH CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N 1.0 5.8
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung android 10.0
samsung android 12.0
samsung android 11.0
CVE-2023-21442

Improper access control vulnerability in Runestone application prior to version 2.9.09.003 in Android R(11) and 3.2.01.007 in Android S(12) allows local attackers to get device location information.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
CVE-2023-21443

Improper cryptographic implementation in Samsung Flow for Android prior to version 4.9.04 allows adjacent attackers to decrypt encrypted messages or inject commands.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 7.5 HIGH CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 1.6 5.9
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
samsung flow *
CVE-2023-21444

Improper cryptographic implementation in Samsung Flow for PC 4.9.14.0 allows adjacent attackers to decrypt encrypted messages or inject commands.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 2.8 5.9
mobile.security@samsung.com 7.5 HIGH CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 1.6 5.9

Products Affected

Vendor Product Version
samsung flow *
CVE-2023-21445

Improper access control vulnerability in MyFiles prior to versions 12.2.09 in Android R(11), 13.1.03.501 in Android S(12) and 14.1.00.422 in Android T(13) allows local attacker to write file with MyFiles privilege via implicit intent.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 1.8 3.6
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-21446

Improper input validation in MyFiles prior to version 12.2.09 in Android R(11), 13.1.03.501 in Android S( 12) and 14.1.00.422 in Android T(13) allows local attacker to access data of MyFiles.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.2 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 2.5 3.6
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-21447

Improper access control vulnerabilities in Samsung Cloud prior to version 5.3.0.32 allows local attackers to access information with Samsung Cloud's privilege via implicit intent.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4

Products Affected

Vendor Product Version
samsung cloud *
CVE-2023-21448

Path traversal vulnerability in Samsung Cloud prior to version 5.3.0.32 allows attacker to access specific png file.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4
mobile.security@samsung.com 5.7 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N 2.5 2.7

Products Affected

Vendor Product Version
samsung cloud *
CVE-2023-21449

Improper access control vulnerability in Call application prior to SMR Mar-2023 Release 1 allows local attackers to access sensitive information without proper permission.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
CVE-2023-21450

Missing Authorization vulnerability in One Hand Operation + prior to version 6.1.21 allows multi-users to access owner's widget without authorization via gesture setting.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 2.1 LOW CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N 0.7 1.4
mobile.security@samsung.com 2.3 LOW CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N 0.7 1.4

Products Affected

Vendor Product Version
samsung one_hand_operation_+ *
CVE-2023-21451

A Stack-based overflow vulnerability in IpcRxEmbmsSessionList in SECRIL prior to Android S(12) allows attacker to cause memory corruptions.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.7 MEDIUM CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:L/A:L 0.8 5.3
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
samsung android 12.0
CVE-2023-21452

Improper usage of implicit intent in Bluetooth prior to SMR Mar-2023 Release 1 allows attacker to get MAC address of connected device.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N 1.8 1.4
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-21453

Improper input validation vulnerability in SoftSim TA prior to SMR Mar-2023 Release 1 allows local attackers access to protected data.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6
mobile.security@samsung.com 6.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N 1.5 4.0

Products Affected

Vendor Product Version
samsung android 13.0
CVE-2023-21454

Improper authorization in Samsung Keyboard prior to SMR Mar-2023 Release 1 allows physical attacker to access users text history on the lockscreen.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 2.4 LOW CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 0.9 1.4
mobile.security@samsung.com 2.4 LOW CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 0.9 1.4

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-21455

Improper authorization implementation in Exynos baseband prior to SMR Mar-2023 Release 1 allows incorrect handling of unencrypted message.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.9 MEDIUM CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N 1.6 4.2
nvd@nist.gov 9.1 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N 3.9 5.2

Products Affected

Vendor Product Version
samsung exynos_firmware -
CVE-2023-21456

Path traversal vulnerability in Galaxy Themes Service prior to SMR Mar-2023 Release 1 allows attacker to access arbitrary file with system uid.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 9.0 CRITICAL CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N 2.5 5.8
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-21457

Improper access control vulnerability in Bluetooth prior to SMR Mar-2023 Release 1 allows attackers to send file via Bluetooth without related permission.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.1 HIGH CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H 2.8 5.2
mobile.security@samsung.com 4.1 MEDIUM CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:L 1.0 2.7

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-21458

Improper privilege management vulnerability in PhoneStatusBarPolicy in System UI prior to SMR Mar-2023 Release 1 allows attacker to turn off Do not disturb via unprotected intent.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.2 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 2.5 3.6
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N 1.8 1.4

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-21459

Use after free vulnerability in decon driver prior to SMR Mar-2023 Release 1 allows attackers to cause memory access fault.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.0 MEDIUM CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L 0.8 3.7
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-21460

Improper authentication in SecSettings prior to SMR Mar-2023 Release 1 allows attacker to reset the setting.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.4 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L 1.8 2.5
mobile.security@samsung.com 4.4 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L 1.8 2.5

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-21461

Improper authorization vulnerability in AutoPowerOnOffConfirmDialog in Settings prior to SMR Mar-2023 Release 1 allows local attacker to turn device off via unprotected activity.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 2.5 1.4
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 1.8 3.6

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-21462

The sensitive information exposure vulnerability in Quick Share Agent prior to versions 3.5.14.18 in Android 12 and 3.5.16.20 in Android 13 allows to local attacker to access MAC address without related permission.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4
mobile.security@samsung.com 4.2 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N 1.1 2.7

Products Affected

Vendor Product Version
samsung quick_share *
CVE-2023-21463

Improper access control vulnerability in MyFiles application prior to versions 12.2.09.0 in Android 11, 13.1.03.501 in Android 12 and 14.1.03.0 in Android 13 allows local attacker to get sensitive information of secret mode in Samsung Internet application with specific conditions.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4

Products Affected

Vendor Product Version
samsung myfiles *
CVE-2023-21464

Improper access control in Samsung Calendar prior to versions 12.4.02.9000 in Android 13 and 12.3.08.2000 in Android 12 allows local attacker to configure improper status.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N 1.8 1.4
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 2.5 1.4

Products Affected

Vendor Product Version
samsung calendar *
CVE-2023-21465

Improper access control vulnerability in BixbyTouch prior to version 3.2.02.5 in China models allows untrusted applications access local files.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 1.8 3.6
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung bixbytouch *
CVE-2023-21466

PendingIntent hijacking vulnerability in CertificatePolicy in framework prior to SMR Apr-2023 Release 1 allows local attackers to access contentProvider without proper permission.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4
mobile.security@samsung.com 5.3 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L 1.8 3.4

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-21467

Error in 3GPP specification implementation in Exynos baseband prior to SMR Apr-2023 Release 1 allows incorrect handling of unencrypted message.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.6 MEDIUM CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L 1.2 3.4
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
samsung exynos -
CVE-2023-21468

Improper access control vulnerability in Telephony prior to SMR Apr-2023 Release 1 allows attackers to access files with escalated permission.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.9 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 2.5 3.4
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-21469

Improper access control vulnerability in SLocation prior to SMR Apr-2022 Release 1 allows local attackers to get device location information using com.samsung.android.wifi.GEOFENCE action.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-21470

Improper access control vulnerability in SLocation prior to SMR Apr-2022 Release 1 allows local attackers to get device location information using com.samsung.android.wifi.NETWORK_LOCATION action.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-21471

Improper access control vulnerability in SemClipboard prior to SMR Apr-2023 Release 1 allows attackers to read arbitrary files with system permission.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 13.0
CVE-2023-21472

Improper input validation with Exynos Fastboot USB Interface prior to SMR Apr-2023 Release 1 allows a physical attacker to execute arbitrary code in bootloader.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.8 MEDIUM CVSS:3.1/AV:P/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H 0.2 6.0

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-21473

Improper input validation with Exynos Fastboot USB Interface prior to SMR Apr-2023 Release 1 allows a physical attacker to execute arbitrary code in bootloader.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.8 MEDIUM CVSS:3.1/AV:P/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H 0.2 6.0

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-21474

Intent redirection vulnerability in SecSettings prior to SMR Apr-2022 Release 1 allows attackers to access arbitrary file with system privilege.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.3 MEDIUM CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N 1.0 5.2
nvd@nist.gov 7.1 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N 1.8 5.2

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-21475

Out-of-bounds Write vulnerability in libaudiosaplus_sec.so library prior to SMR Apr-2023 Release 1 allows local attacker to execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9
mobile.security@samsung.com 8.0 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L 2.5 5.5

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-21476

Out-of-bounds Write vulnerability in libaudiosaplus_sec.so library prior to SMR Apr-2023 Release 1 allows local attacker to execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9
mobile.security@samsung.com 8.0 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L 2.5 5.5

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-21477

Access of Memory Location After End of Buffer vulnerability in TIGERF trustlet prior to SMR Apr-2023 Release 1 allows local attackers to access protected data.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 7.9 HIGH CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N 1.5 5.8

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-21478

Improper input validation vulnerability in TIGERF trustlet prior to SMR Apr-2023 Release 1 allows local attackers to access protected data.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N 1.5 4.0
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-21479

Improper authorization in Smart suggestions prior to SMR Apr-2023 Release 1 in Android 13 and 4.1.01.0 in Android 12 allows remote attackers to register a schedule.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 3.9 1.4

Products Affected

Vendor Product Version
samsung smart_suggestions 4.1.01.0
samsung android 13.0
CVE-2023-21480

Improper input validation vulnerability in CertByte prior to SMR Apr-2023 Release 1 allows local attackers to launch privileged activities.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9
mobile.security@samsung.com 8.5 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L 2.5 5.3

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-21481

Improper URL input validation vulnerability in Samsung Account application prior to version 14.1.0.0 allows remote attackers to get sensitive information.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6
mobile.security@samsung.com 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L 2.8 2.5

Products Affected

Vendor Product Version
samsung account *
CVE-2023-21482

Missing authorization vulnerability in Camera prior to versions 11.1.02.18 in Android 11, 12.1.03.8 in Android 12 and 13.1.01.4 in Android 13 allows physical attackers to install package through Galaxy store before completion of Setup wizard.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.1 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N 0.9 5.2
nvd@nist.gov 4.6 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 0.9 3.6

Products Affected

Vendor Product Version
samsung camera *
CVE-2023-21483

Improper Access Control vulnerability in Galaxy Store prior to version 4.5.53.6 allows local attacker to access protected data using exported service.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.4 MEDIUM CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N 1.1 4.7
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung galaxy_store *
CVE-2023-21484

Improper access control vulnerability in AppLock prior to SMR May-2023 Release 1 allows local attackers without proper permission to execute a privileged operation.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.1 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L 2.5 2.5

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-21485

Improper export of android application components vulnerability in VideoPreviewActivity in Call Settings to SMR May-2023 Release 1 allows physical attackers to access some media data stored in sandbox.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.3 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N 0.9 4.0

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-21486

Improper export of android application components vulnerability in ImagePreviewActivity in Call Settings to SMR May-2023 Release 1 allows physical attackers to access some media data stored in sandbox.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.3 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N 0.9 4.0

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-21487

Improper access control vulnerability in Telephony framework prior to SMR May-2023 Release 1 allows local attackers to change a call setting.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.1 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L 2.5 2.5

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-21488

Improper access control vulnerablility in Tips prior to SMR May-2023 Release 1 allows local attackers to launch arbitrary activity in Tips.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.4 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L 1.8 2.5

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-21489

Heap out-of-bounds write vulnerability in bootloader prior to SMR May-2023 Release 1 allows a physical attacker to execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 7.1 HIGH CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H 0.5 6.0

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-21490

Improper access control in GearManagerStub prior to SMR May-2023 Release 1 allows a local attacker to delete applications installed by watchmanager.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.7 MEDIUM CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H 1.0 3.6

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-21491

Improper access control vulnerability in ThemeManager prior to SMR May-2023 Release 1 allows local attackers to write arbitrary files with system privilege.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 8.5 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:L 2.5 5.3

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 13.0
CVE-2023-21492

Kernel pointers are printed in the log file prior to SMR May-2023 Release 1 allows a privileged local attacker to bypass ASLR.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.4 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N 0.8 3.6

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-21493

Improper access control vulnerability in SemShareFileProvider prior to SMR May-2023 Release 1 allows local attackers to access protected data.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.8 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N 2.5 4.2

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-21494

Potential buffer overflow vulnerability in auth api in mm_Authentication.c in Shannon baseband prior to SMR May-2023 Release 1 allows remote attackers to cause invalid memory access.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.6 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L 2.2 3.4

Products Affected

Vendor Product Version
samsung android 13.0
CVE-2023-21495

Improper access control vulnerability in Knox Enrollment Service prior to SMR May-2023 Release 1 allow attacker install KSP app when device admin is set.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 2.5 1.4

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-21496

Active Debug Code vulnerability in ActivityManagerService prior to SMR May-2023 Release 1 allows attacker to use debug function via setting debug level.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.1 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N 0.9 5.2

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-21497

Use of externally-controlled format string vulnerability in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to access the memory address.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.4 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N 0.8 3.6

Products Affected

Vendor Product Version
samsung android 13.0
CVE-2023-21498

Improper input validation vulnerability in setPartnerTAInfo in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to overwrite the trustlet memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N 0.8 5.2

Products Affected

Vendor Product Version
samsung android 13.0
CVE-2023-21499

Out-of-bounds write vulnerability in TA_Communication_mpos_encrypt_pin in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 8.2 HIGH CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H 1.5 6.0

Products Affected

Vendor Product Version
samsung android 13.0
CVE-2023-21500

Double free validation vulnerability in setPinPadImages in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to access the trustlet memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N 1.5 4.0

Products Affected

Vendor Product Version
samsung android 13.0
CVE-2023-21501

Improper input validation vulnerability in mPOS fiserve trustlet prior to SMR May-2023 Release 1 allows local attackers to execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 8.2 HIGH CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H 1.5 6.0

Products Affected

Vendor Product Version
samsung android 13.0
CVE-2023-21502

Improper input validation vulnerability in FactoryTest application prior to SMR May-2023 Release 1 allows local attackers to get privilege escalation via debugging commands.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.7 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L 0.9 4.7

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 13.0
CVE-2023-21503

Potential buffer overflow vulnerability in mm_LteInterRatManagement.c in Shannon baseband prior to SMR May-2023 Release 1 allows remote attackers to cause invalid memory access.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.6 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L 2.2 3.4

Products Affected

Vendor Product Version
samsung android 13.0
CVE-2023-21504

Potential buffer overflow vulnerability in mm_Plmncoordination.c in Shannon baseband prior to SMR May-2023 Release 1 allows remote attackers to cause invalid memory access.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.6 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L 2.2 3.4

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-21505

Improper access control in Samsung Core Service prior to version 2.1.00.36 allows attacker to write arbitrary file in sandbox.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 2.5 1.4

Products Affected

Vendor Product Version
samsung samsung_core_services *
CVE-2023-21506

Out-of-bounds Write vulnerability while processing BC_TUI_CMD_SEND_RESOURCE_DATA_ARRAY command in bc_tui trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.7 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 0.8 5.9

Products Affected

Vendor Product Version
samsung samsung_blockchain_keystore *
CVE-2023-21507

Out-of-bounds Read vulnerability while processing BC_TUI_CMD_SEND_RESOURCE_DATA_ARRAY command in bc_tui trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to read arbitrary memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.4 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N 0.8 3.6

Products Affected

Vendor Product Version
samsung samsung_blockchain_keystore *
CVE-2023-21508

Out-of-bounds Write vulnerability while processing BC_TUI_CMD_SEND_RESOURCE_DATA command in bc_tui trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.7 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 0.8 5.9

Products Affected

Vendor Product Version
samsung samsung_blockchain_keystore *
CVE-2023-21509

Out-of-bounds Write vulnerability while processing BC_TUI_CMD_UPDATE_SCREEN in bc_tui trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.7 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 0.8 5.9

Products Affected

Vendor Product Version
samsung samsung_blockchain_keystore *
CVE-2023-21510

Out-of-bounds Read vulnerability while processing BC_TUI_CMD_UPDATE_SCREEN in bc_tui trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to read arbitrary memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.4 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N 0.8 3.6

Products Affected

Vendor Product Version
samsung samsung_blockchain_keystore *
CVE-2023-21511

Out-of-bounds Read vulnerability while processing CMD_COLDWALLET_BTC_SET_PRV_UTXO in bc_core trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to read arbitrary memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.4 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N 0.8 3.6

Products Affected

Vendor Product Version
samsung samsung_blockchain_keystore *
CVE-2023-21512

Improper Knox ID validation logic in notification framework prior to SMR Jun-2023 Release 1 allows local attackers to read work profile notifications without proper access permission.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 2.4 LOW CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 0.9 1.4

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-21513

Improper privilege management vulnerability in CC Mode prior to SMR Jun-2023 Release 1 allows physical attackers to manipulate device to operate in way that results in unexpected behavior in CC Mode under specific condition.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.1 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N 0.9 5.2

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-21514

Improper scheme validation from InstantPlay Deeplink in Galaxy Store prior to version 4.5.49.8 allows attackers to execute javascript API to install APK from Galaxy Store.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 7.5 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H 1.6 5.9

Products Affected

Vendor Product Version
samsung galaxy_store *
CVE-2023-21515

InstantPlay which included vulnerable script which could execute javascript in Galaxy Store prior to version 4.5.49.8 allows attackers to execute javascript API to install APK from Galaxy Store.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 7.5 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H 1.6 5.9

Products Affected

Vendor Product Version
samsung galaxy_store *
CVE-2023-21516

XSS vulnerability from InstantPlay in Galaxy Store prior to version 4.5.49.8 allows attackers to execute javascript API to install APK from Galaxy Store.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 7.5 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H 1.6 5.9

Products Affected

Vendor Product Version
samsung galaxy_store *
CVE-2023-21517

Heap out-of-bound write vulnerability in Exynos baseband prior to SMR Jun-2023 Release 1 allows remote attacker to execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 8.8 HIGH CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
samsung exynos -
CVE-2023-21518

Improper access control vulnerability in SearchWidget prior to version 3.3 in China models allows untrusted applications to start arbitrary activity.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.4 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L 1.8 2.5

Products Affected

Vendor Product Version
samsung searchwidget *
CVE-2023-24033

The Samsung Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, and Exynos Auto T512 baseband modem chipsets do not properly check format types specified by the Session Description Protocol (SDP) module, which can lead to a denial of service.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
samsung exynos_modem_5300_firmware -
samsung exynos_auto_t5123_firmware -
samsung exynos_1080_firmware -
samsung exynos_modem_5123_firmware -
samsung exynos_980_firmware -
CVE-2023-26072

An issue was discovered in Samsung Mobile Chipset and Baseband Modem Chipset for Exynos 850, Exynos 980, Exynos 1080, Exynos 1280, Exynos 2200, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123. A heap-based buffer overflow in the 5G MM message codec can occur due to insufficient parameter validation when decoding the Emergency number list.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
cve@mitre.org 7.6 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H 2.8 4.7

Products Affected

Vendor Product Version
samsung exynos_2200_firmware -
samsung exynos_modem_5300_firmware -
samsung exynos_auto_t5123_firmware -
samsung exynos_850_firmware -
samsung exynos_1080_firmware -
samsung exynos_modem_5123_firmware -
samsung exynos_w920_firmware -
samsung exynos_980_firmware -
samsung exynos_1280_firmware -
CVE-2023-26073

An issue was discovered in Samsung Mobile Chipset and Baseband Modem Chipset for Exynos 850, Exynos 980, Exynos 1080, Exynos 1280, Exynos 2200, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123. A heap-based buffer overflow in the 5G MM message codec can occur due to insufficient parameter validation when decoding the extended emergency number list.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
cve@mitre.org 7.6 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H 2.8 4.7

Products Affected

Vendor Product Version
samsung exynos_2200_firmware -
samsung exynos_modem_5300_firmware -
samsung exynos_auto_t5123_firmware -
samsung exynos_850_firmware -
samsung exynos_1080_firmware -
samsung exynos_modem_5123_firmware -
samsung exynos_w920_firmware -
samsung exynos_980_firmware -
samsung exynos_1280_firmware -
CVE-2023-26074

An issue was discovered in Samsung Mobile Chipset and Baseband Modem Chipset for Exynos 850, Exynos 980, Exynos 1080, Exynos 1280, Exynos 2200, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123.. A heap-based buffer overflow in the 5G MM message codec can occur due to insufficient parameter validation when decoding operator-defined access category definitions.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
cve@mitre.org 7.6 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H 2.8 4.7

Products Affected

Vendor Product Version
samsung exynos_2200_firmware -
samsung exynos_modem_5300_firmware -
samsung exynos_auto_t5123_firmware -
samsung exynos_850_firmware -
samsung exynos_1080_firmware -
samsung exynos_modem_5123_firmware -
samsung exynos_w920_firmware -
samsung exynos_980_firmware -
samsung exynos_1280_firmware -
CVE-2023-26075

An issue was discovered in Samsung Mobile Chipset and Baseband Modem Chipset for Exynos 850, Exynos 980, Exynos 1080, Exynos 1280, Exynos 2200, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123. An intra-object overflow in the 5G MM message codec can occur due to insufficient parameter validation when decoding the Service Area List.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 7.6 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H 2.8 4.7
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
samsung exynos_2200_firmware -
samsung exynos_modem_5300_firmware -
samsung exynos_auto_t5123_firmware -
samsung exynos_850_firmware -
samsung exynos_1080_firmware -
samsung exynos_modem_5123_firmware -
samsung exynos_w920_firmware -
samsung exynos_980_firmware -
samsung exynos_1280_firmware -
CVE-2023-26076

An issue was discovered in Samsung Mobile Chipset and Baseband Modem Chipset for Exynos 1280, Exynos 2200, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123. An intra-object overflow in the 5G SM message codec can occur due to insufficient parameter validation when decoding reserved options.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
cve@mitre.org 7.6 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H 2.8 4.7

Products Affected

Vendor Product Version
samsung exynos_2200_firmware -
samsung exynos_modem_5300_firmware -
samsung exynos_auto_t5123_firmware -
samsung exynos_modem_5123_firmware -
samsung exynos_1280_firmware -
CVE-2023-26496

An issue was discovered in Samsung Baseband Modem Chipset for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, and Exynos Auto T5124. Memory corruption can occur due to improper checking of the parameter length while parsing the fmtp attribute in the SDP (Session Description Protocol) module.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
cve@mitre.org 8.6 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H 3.9 4.7

Products Affected

Vendor Product Version
samsung exynos_modem_5300_firmware -
samsung exynos_auto_t5123_firmware -
samsung exynos_1080_firmware -
samsung exynos_modem_5123_firmware -
samsung exynos_980_firmware -
CVE-2023-26497

An issue was discovered in Samsung Baseband Modem Chipset for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, and Exynos Auto T5125. Memory corruption can occur when processing Session Description Negotiation for Video Configuration Attribute.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
cve@mitre.org 8.6 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H 3.9 4.7

Products Affected

Vendor Product Version
samsung exynos_modem_5300_firmware -
samsung exynos_auto_t5123_firmware -
samsung exynos_1080_firmware -
samsung exynos_modem_5123_firmware -
samsung exynos_980_firmware -
CVE-2023-26498

An issue was discovered in Samsung Baseband Modem Chipset for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos Auto T5126. Memory corruption can occur due to improper checking of the number of properties while parsing the chatroom attribute in the SDP (Session Description Protocol) module.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 8.6 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H 3.9 4.7
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
samsung exynos_modem_5300_firmware -
samsung exynos_auto_t5123_firmware -
samsung exynos_1080_firmware -
samsung exynos_modem_5123_firmware -
samsung exynos_980_firmware -
CVE-2023-28613

An issue was discovered in Samsung Exynos Mobile Processor and Baseband Modem Processor for Exynos 1280, Exynos 2200, and Exynos Modem 5300. An integer overflow in IPv4 fragment handling can occur due to insufficient parameter validation when reassembling these fragments.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 6.8 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H 2.2 4.0
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
samsung exynos_2200_firmware -
samsung exynos_modem_5300_firmware -
samsung exynos_1280_firmware -
CVE-2023-29085

An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding an SIP status line.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 6.8 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H 2.2 4.0

Products Affected

Vendor Product Version
samsung exynos_5123_firmware -
samsung exynos_5300_firmware -
samsung exynos_auto_t5123_firmware -
samsung exynos_1080_firmware -
samsung exynos_9110_firmware -
samsung exynos_980_firmware -
CVE-2023-29086

An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding an SIP Min-SE header.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 6.8 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H 2.2 4.0

Products Affected

Vendor Product Version
samsung exynos_5123_firmware -
samsung exynos_5300_firmware -
samsung exynos_auto_t5123_firmware -
samsung exynos_1080_firmware -
samsung exynos_9110_firmware -
samsung exynos_980_firmware -
CVE-2023-29087

An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding an SIP Retry-After header.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 6.8 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H 2.2 4.0

Products Affected

Vendor Product Version
samsung exynos_5123_firmware -
samsung exynos_5300_firmware -
samsung exynos_auto_t5123_firmware -
samsung exynos_1080_firmware -
samsung exynos_9110_firmware -
samsung exynos_980_firmware -
CVE-2023-29088

An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding an SIP Session-Expires header.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 6.8 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H 2.2 4.0

Products Affected

Vendor Product Version
samsung exynos_5123_firmware -
samsung exynos_5300_firmware -
samsung exynos_auto_t5123_firmware -
samsung exynos_1080_firmware -
samsung exynos_9110_firmware -
samsung exynos_980_firmware -
CVE-2023-29089

An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding SIP multipart messages.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 6.8 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H 2.2 4.0

Products Affected

Vendor Product Version
samsung exynos_5123_firmware -
samsung exynos_5300_firmware -
samsung exynos_auto_t5123_firmware -
samsung exynos_1080_firmware -
samsung exynos_9110_firmware -
samsung exynos_980_firmware -
CVE-2023-29090

An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding an SIP Via header.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 6.8 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H 2.2 4.0

Products Affected

Vendor Product Version
samsung exynos_5123_firmware -
samsung exynos_5300_firmware -
samsung exynos_auto_t5123_firmware -
samsung exynos_1080_firmware -
samsung exynos_9110_firmware -
samsung exynos_980_firmware -
CVE-2023-29091

An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding an SIP URI.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 6.8 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H 2.2 4.0

Products Affected

Vendor Product Version
samsung exynos_5123_firmware -
samsung exynos_5300_firmware -
samsung exynos_auto_t5123_firmware -
samsung exynos_1080_firmware -
samsung exynos_9110_firmware -
samsung exynos_980_firmware -
CVE-2023-29092

An issue was discovered in Exynos Mobile Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, and Exynos 1080. Binding of a wrong resource can occur due to improper handling of parameters while binding a network interface.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 3.1 LOW CVSS:3.1/AV:P/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L 0.5 2.5

Products Affected

Vendor Product Version
samsung exynos_5123_firmware -
samsung exynos_5300_firmware -
samsung exynos_1080_firmware -
samsung exynos_980_firmware -
CVE-2023-30640

Improper access control vulnerability in PersonaManagerService prior to SMR Jul-2023 Release 1 allows local attackers to change confiugration.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.3 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N 2.5 1.4

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-30641

Improper access control vulnerability in Settings prior to SMR Jul-2023 Release 1 allows physical attacker to use restricted user profile to access device owner's google account data.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.3 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 0.7 3.6

Products Affected

Vendor Product Version
samsung android 13.0
CVE-2023-30642

Improper privilege management vulnerability in Galaxy Themes Service prior to SMR Jul-2023 Release 1 allows local attackers to call privilege function.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.2 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 2.5 3.6

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 13.0
CVE-2023-30643

Missing authentication vulnerability in Galaxy Themes Service prior to SMR Jul-2023 Release 1 allows local attackers to delete arbitrary non-preloaded applications.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 7.7 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H 2.5 5.2

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-30644

Stack out of bound write vulnerability in CdmaSmsParser of RILD prior to SMR Jul-2023 Release 1 allows attackers to execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-30645

Heap out of bound write vulnerability in IpcRxIncomingCBMsg of RILD prior to SMR Jul-2023 Release 1 allows attackers to execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-30646

Heap out of bound write vulnerability in BroadcastSmsConfig of RILD prior to SMR Jul-2023 Release 1 allows attackers to execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-30647

Heap out of bound write vulnerability in IpcRxUsimPhoneBookCapa of RILD prior to SMR Jul-2023 Release 1 allows attackers to execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-30648

Stack out-of-bounds write vulnerability in IpcRxImeiUpdateImeiNoti of RILD priro to SMR Jul-2023 Release 1 cause a denial of service on the system.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L 1.8 1.4

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-30649

Heap out of bound write vulnerability in RmtUimNeedApdu of RILD prior to SMR Jul-2023 Release 1 allows attackers to execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-30650

Out of bounds read and write in callrunTspCmd of sysinput HAL service prior to SMR Jul-2023 Release 1 allows local attackers to execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.7 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 0.8 5.9

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-30651

Out of bounds read and write in callgetTspsysfs of sysinput HAL service prior to SMR Jul-2023 Release 1 allows local attackers to execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.7 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 0.8 5.9

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-30652

Out of bounds read and write in callrunTspCmdNoRead of sysinput HAL service prior to SMR Jul-2023 Release 1 allows local attackers to execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.7 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 0.8 5.9

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-30653

Out of bounds read and write in enableTspDevice of sysinput HAL service prior to SMR Jul-2023 Release 1 allows local attackers to execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.7 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 0.8 5.9

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-30654

Improper access control vulnerability in SLocationService prior to SMR Aug-2023 Release 1 allows local attacker to update fake location.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N 1.8 3.6
mobile.security@samsung.com 6.7 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 0.8 5.9

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-30655

Improper input validation vulnerability in SCEPProfile prior to SMR Jul-2023 Release 1 allows local attackers to launch privileged activities.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 8.5 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L 2.5 5.3

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-30656

Improper input validation vulnerability in LSOItemData prior to SMR Jul-2023 Release 1 allows attackers to launch certain activities.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 8.5 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L 2.5 5.3

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-30657

Improper input validation vulnerability in EnhancedAttestationResult prior to SMR Jul-2023 Release 1 allows local attackers to launch privileged activities.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.2 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 2.5 3.6

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-30658

Improper input validation vulnerability in DataProfile prior to SMR Jul-2023 Release 1 allows local attackers to launch privileged activities.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 8.5 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L 2.5 5.3

Products Affected

Vendor Product Version
samsung android 13.0
CVE-2023-30659

Improper input validation vulnerability in Transaction prior to SMR Jul-2023 Release 1 allows local attackers to launch privileged activities.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.2 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 2.5 3.6

Products Affected

Vendor Product Version
samsung android 13.0
CVE-2023-30660

Exposure of Sensitive Information vulnerability in getDefaultChipId in UwbAospAdapterService prior to SMR Jul-2023 Release 1 allows local attackers to access the UWB chipset Identifier.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.2 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 2.5 3.6

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 13.0
CVE-2023-30661

Exposure of Sensitive Information vulnerability in getChipInfos in UwbAospAdapterService prior to SMR Jul-2023 Release 1 allows local attackers to access the UWB chipset Identifier.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.2 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 2.5 3.6

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 13.0
CVE-2023-30662

Exposure of Sensitive Information vulnerability in getChipIds in UwbAospAdapterService prior to SMR Jul-2023 Release 1 allows local attackers to access the UWB chipset Identifier.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.2 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 2.5 3.6

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 13.0
CVE-2023-30663

Improper input validation vulnerability in OemPersonalizationSetLock in libsec-ril prior to SMR Jul-2023 Release 1 allows local attackers to cause an Out-Of-Bounds write.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.3 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L 1.8 3.4

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-30664

Improper input validation vulnerability in RegisteredMSISDN prior to SMR Jul-2023 Release 1 allows local attackers to launch privileged activities.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 8.5 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L 2.5 5.3

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-30665

Improper input validation vulnerability in OnOemServiceMode in libsec-ril prior to SMR Jul-2023 Release 1 allows local attackers to cause an Out-Of-Bounds read.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.4 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L 1.8 2.5

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-30666

Improper input validation vulnerability in DoOemImeiSetPreconfig in libsec-ril prior to SMR Jul-2023 Release 1 allows local attackers to cause an Out-Of-Bounds write.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.3 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L 1.8 3.4

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-30667

Improper access control in Audio system service prior to SMR Jul-2023 Release 1 allows attacker to send broadcast with system privilege.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.1 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L 2.5 2.5

Products Affected

Vendor Product Version
samsung android 13.0
CVE-2023-30668

Out-of-bounds Write in BuildOemSecureSimLockResponse of libsec-ril prior to SMR Jul-2023 Release 1 allows local attacker to execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.7 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 0.8 5.9

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-30669

Out-of-bounds Write in DoOemFactorySendFactoryTestResult of libsec-ril prior to SMR Jul-2023 Release 1 allows local attacker to execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.7 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 0.8 5.9

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-30670

Out-of-bounds Write in BuildIpcFactoryDeviceTestEvent of libsec-ril prior to SMR Jul-2023 Release 1 allows local attacker to execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.7 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 0.8 5.9

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-30671

Logic error in package installation via adb command prior to SMR Jul-2023 Release 1 allows local attackers to downgrade installed application.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.3 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H 0.8 5.5

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 13.0
CVE-2023-30672

Improper privilege management vulnerability in Samsung Smart Switch for Windows Installer prior to version 4.3.23043_3 allows attackers to cause permanent DoS via directory junction.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.8 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H 2.5 4.2

Products Affected

Vendor Product Version
samsung smart_switch_pc *
CVE-2023-30673

Improper validation of integrity check vulnerability in Smart Switch PC prior to version 4.3.23052_1 allows local attackers to delete arbitrary directory using directory junction.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung smart_switch_pc *
CVE-2023-30674

Improper configuration in Samsung Internet prior to version 21.0.0.41 allows attacker to bypass SameSite Cookie.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 2.8 3.6

Products Affected

Vendor Product Version
samsung internet *
CVE-2023-30675

Improper authentication in Samsung Pass prior to version 4.2.03.1 allows local attacker to access stored account information when Samsung Wallet is not installed.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.2 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 2.5 3.6

Products Affected

Vendor Product Version
samsung pass *
CVE-2023-30676

Improper access control vulnerability in Samsung Pass prior to version 4.2.03.1 allows physical attackers to access data of Samsung Pass.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.6 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 0.9 3.6

Products Affected

Vendor Product Version
samsung pass *
CVE-2023-30677

Improper access control vulnerability in Samsung Pass prior to version 4.2.03.1 allows physical attackers to access data of Samsung Pass on a certain state of an unlocked device.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.1 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N 0.9 5.2

Products Affected

Vendor Product Version
samsung pass *
CVE-2023-30678

Potential zip path traversal vulnerability in Calendar application prior to version 12.4.07.15 in Android 13 allows attackers to write arbitrary file.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.1 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 2.5 2.5

Products Affected

Vendor Product Version
samsung calendar *
CVE-2023-30679

Improper access control in HDCP trustlet prior to SMR Aug-2023 Release 1 allows local attackers to execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9
mobile.security@samsung.com 7.8 HIGH CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N 1.4 5.8

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-30680

Improper privilege management vulnerability in MMIGroup prior to SMR Aug-2023 Release 1 allows code execution with privilege.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9
mobile.security@samsung.com 8.4 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 2.5 5.9

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 13.0
CVE-2023-30681

An improper input validation vulnerability within initialize function in HAL VaultKeeper prior to SMR Aug-2023 Release 1 allows attacker to cause out-of-bounds write.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.4 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L 1.8 2.5
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-30682

Improper access control in Telecom prior to SMR Aug-2023 Release 1 allows local attackers to call silenceRinger API without permission.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N 1.8 1.4
mobile.security@samsung.com 4.3 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L 2.5 1.4

Products Affected

Vendor Product Version
samsung android 13.0
CVE-2023-30683

Improper access control in Telecom prior to SMR Aug-2023 Release 1 allows local attackers to call endCall API without permission.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N 1.8 1.4
mobile.security@samsung.com 4.3 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L 2.5 1.4

Products Affected

Vendor Product Version
samsung android 13.0
CVE-2023-30684

Improper access control in Samsung Telecom prior to SMR Aug-2023 Release 1 allows local attackers to call acceptRingingCall API without permission.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.3 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L 2.5 1.4
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N 1.8 1.4

Products Affected

Vendor Product Version
samsung android 13.0
CVE-2023-30685

Improper access control vulnerability in Telecom prior to SMR Aug-2023 Release 1 allows local attakcers to change TTY mode.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N 1.8 1.4
mobile.security@samsung.com 4.3 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N 2.5 1.4

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-30686

Out-of-bounds Write in ReqDataRaw of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9
mobile.security@samsung.com 6.7 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 0.8 5.9

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-30687

Out-of-bounds Write in RmtUimApdu of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9
mobile.security@samsung.com 6.7 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 0.8 5.9

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-30688

Out-of-bounds Write in MakeUiccAuthForOem of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9
mobile.security@samsung.com 6.7 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 0.8 5.9

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-30689

Out-of-bounds Write in BuildOemEmbmsGetSigStrengthResponse of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.7 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 0.8 5.9
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-30690

Improper input validation vulnerability in Duo prior to SMR Oct-2023 Release 1 allows local attackers to launch privileged activities.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 8.5 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L 2.5 5.3
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-30691

Parcel mismatch in AuthenticationConfig prior to SMR Aug-2023 Release 1 allows local attacker to privilege escalation.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9
mobile.security@samsung.com 8.4 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 2.5 5.9

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-30692

Improper input validation vulnerability in Evaluator prior to SMR Oct-2023 Release 1 allows local attackers to launch privileged activities.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 8.5 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L 2.5 5.3
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-30693

Out-of-bounds Write in DoOemFactorySendFactoryBypassCommand of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.7 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 0.8 5.9
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-30694

Out-of-bounds Write in IpcTxPcscTransmitApdu of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9
mobile.security@samsung.com 6.7 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 0.8 5.9

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-30695

Out-of-bounds Write vulnerability in SSHDCPAPP TA prior to "SAMSUNG ELECTONICS, CO, LTD. - System Hardware Update - 7/13/2023" in Windows Update for Galaxy book Go, Galaxy book Go 5G, Galaxy book2 Go and Galaxy book2 Pro 360 allows local attacker to execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.7 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 0.8 5.9
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
samsung galaxy_book2_go_firmware -
samsung galaxy_book_go_5g_firmware -
samsung galaxy_book_go_firmware -
samsung galaxy_book2_pro_360_firmware -
CVE-2023-30696

An improper input validation in IpcTxGetVerifyAkey in libsec-ril prior to SMR Aug-2023 Release 1 allows attacker to cause out-of-bounds write.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.4 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L 1.8 2.5
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-30697

An improper input validation in IpcTxCfgSetSimlockPayload in libsec-ril prior to SMR Aug-2023 Release 1 allows attacker to cause out-of-bounds write.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9
mobile.security@samsung.com 4.4 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L 1.8 2.5

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-30698

Improper access control vulnerability in TelephonyUI prior to SMR Aug-2023 Release 1 allows local attacker to connect BLE without privilege.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 1.8 3.6
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung android 13.0
CVE-2023-30699

Out-of-bounds write vulnerability in parser_hvcC function of libsimba library prior to SMR Aug-2023 Release 1 allows code execution by remote attackers.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 7.5 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H 1.6 5.9
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-30700

PendingIntent hijacking vulnerability in SemWifiApTimeOutImpl in framework prior to SMR Aug-2023 Release 1 allows local attackers to access ContentProvider without proper permission.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4
mobile.security@samsung.com 5.3 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L 1.8 3.4

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-30701

PendingIntent hijacking in WifiGeofenceManager prior to SMR Aug-2023 Release 1 allows local attacker to arbitrary file access.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.7 MEDIUM CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N 1.0 3.6
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-30702

Stack overflow vulnerability in SSHDCPAPP TA prior to "SAMSUNG ELECTONICS, CO, LTD. - System Hardware Update - 7/13/2023" in Windows Update for Galaxy book Go, Galaxy book Go 5G, Galaxy book2 Go and Galaxy book2 Pro 360 allows local attacker to execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.7 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 0.8 5.9
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
samsung galaxy_book2_go_firmware -
samsung galaxy_book_go_5g_firmware -
samsung galaxy_book_go_firmware -
samsung galaxy_book2_pro_360_firmware -
CVE-2023-30703

Improper URL validation vulnerability in Samsung Members prior to version 14.0.07.1 allows attackers to access sensitive information.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N 2.8 1.4
mobile.security@samsung.com 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N 1.8 1.4

Products Affected

Vendor Product Version
samsung members *
CVE-2023-30704

Improper Authorization vulnerability in Samsung Internet prior to version 22.0.0.35 allows physical attacker access downloaded files in Secret Mode without user authentication.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.6 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 0.9 3.6
mobile.security@samsung.com 3.8 LOW CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N 0.2 3.6

Products Affected

Vendor Product Version
samsung internet *
CVE-2023-30705

Improper sanitization of incoming intent in Galaxy Store prior to version 4.5.56.6?allows local attackers to access privileged content providers as Galaxy Store permission.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6
mobile.security@samsung.com 6.8 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N 2.5 4.2

Products Affected

Vendor Product Version
samsung galaxy_store *
CVE-2023-30706

Improper authorization in Samsung Keyboard prior to SMR Sep-2023 Release 1 allows attacker to read arbitrary file with system privilege.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6
nvd@nist.gov 4.9 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N 1.2 3.6

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-30707

Improper input validation vulnerability in FileProviderStatusReceiver in Samsung Keyboard prior to SMR Sep-2023 Release 1 allows local attackers to delete arbitrary files with Samsung Keyboard privilege.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.1 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H 1.8 5.2
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 2.5 1.4

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-30708

Improper authentication in SecSettings prior to SMR Sep-2023 Release 1 allows attacker to access Captive Portal Wi-Fi in Reactivation Lock status.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6
mobile.security@samsung.com 4.6 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 0.9 3.6

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-30709

Improper access control in Dual Messenger prior to SMR Sep-2023 Release 1 allows local attackers launch activity with system privilege.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.7 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 0.8 5.9
mobile.security@samsung.com 7.9 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N 2.5 4.7

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-30710

Improper input validation vulnerability in Knox AI prior to SMR Sep-2023 Release 1 allows local attackers to launch privileged activities.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 8.5 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L 2.5 5.3
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-30711

Improper authentication in Phone and Messaging Storage SMR SEP-2023 Release 1 allows attacker to insert arbitrary data to the provider.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N 1.8 1.4
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 2.5 1.4

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-30712

Improper input validation in Settings Suggestions prior to SMR Sep-2023 Release 1 allows attackers to launch arbitrary activity.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9
mobile.security@samsung.com 6.8 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N 2.5 4.2

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-30713

Improper privilege management vulnerability in FolderLockNotifier in One UI Home prior to SMR Sep-2023 Release 1 allows local attackers to change some settings of the folder lock.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.2 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 2.5 3.6
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-30714

Improper authorization vulnerability in FolderContainerDragDelegate in One UI Home prior to SMR Sep-2023 Release 1 allows physical attackers to change some settings of the folder lock.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.6 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 0.9 3.6
mobile.security@samsung.com 4.6 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 0.9 3.6

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-30715

Improper access control vulnerability in Weather prior to SMR Sep-2023 Release 1 allows attackers to access location information set in Weather without permission.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-30716

Improper access control vulnerability in SVCAgent prior to SMR Sep-2023 Release 1 allows attackers to trigger certain commands.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-30717

Sensitive information exposure vulnerability in SVCAgent prior to SMR Sep-2023 Release 1 allows attackers to get unresettable identifiers.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-30718

Improper export of android application components vulnerability in WifiApAutoHotspotEnablingActivity prior to SMR Sep-2023 Release 1 allows local attacker to change a Auto Hotspot setting.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N 1.8 1.4
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 2.5 1.4

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-30719

Exposure of Sensitive Information vulnerability in InboundSmsHandler prior to SMR Sep-2023 Release 1 allows local attackers to access certain message data.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-30720

PendingIntent hijacking in LmsAssemblyTrackerCTC prior to SMR Sep-2023 Release 1 allows local attacker to gain arbitrary file access.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6
mobile.security@samsung.com 4.7 MEDIUM CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N 1.0 3.6

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-30721

Insertion of sensitive information into log vulnerability in Locksettings prior to SMR Sep-2023 Release 1 allows a privileged local attacker to get lock screen match information from the log.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.4 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N 0.8 3.6
mobile.security@samsung.com 4.4 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N 0.8 3.6

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-30722

Protection Mechanism Failure in bc_tui trustlet from Samsung Blockchain Keystore prior to version 1.3.13.5 allows local attacker to execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N 1.8 3.6
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
samsung blockchain_keystore *
CVE-2023-30723

Improper input validation vulnerability in Samsung Health prior to version 6.24.2.011 allows attackers to write arbitrary file with Samsung Health privilege.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 1.8 3.6
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
samsung health *
CVE-2023-30724

Improper authentication in GallerySearchProvider of Gallery prior to version 14.5.01.2 allows attacker to access search history.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4

Products Affected

Vendor Product Version
samsung gallery *
CVE-2023-30725

Improper authentication in LocalProvier of Gallery prior to version 14.5.01.2 allows attacker to access the data in content provider.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.1 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 2.5 2.5
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung gallery *
CVE-2023-30726

PendingIntent hijacking vulnerability in GameLauncher prior to version 4.2.59.5 allows local attackers to access data.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6
mobile.security@samsung.com 4.7 MEDIUM CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N 1.0 3.6

Products Affected

Vendor Product Version
samsung gamelauncher *
CVE-2023-30727

Improper access control vulnerability in SecSettings prior to SMR Oct-2023 Release 1 allows attackers to enable Wi-Fi and connect arbitrary Wi-Fi without User Interaction.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.7 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 0.8 5.9
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 3.9 3.6

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-30728

Intent redirection vulnerability in PackageInstallerCHN prior to version 13.1.03.00 allows local attacker to access arbitrary file. This vulnerability requires user interaction.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.4 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N 1.8 2.5
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung packageinstallerchn *
CVE-2023-30729

Improper Certificate Validation in Samsung Email prior to version 6.1.82.0 allows remote attacker to intercept the network traffic including sensitive information.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6
mobile.security@samsung.com 8.1 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 2.2 5.9

Products Affected

Vendor Product Version
samsung email *
CVE-2023-30730

Implicit intent hijacking vulnerability in Camera prior to versions 11.0.16.43 in Android 11, 12.1.00.30, 12.0.07.53, 12.1.03.10 in Android 12, and 13.0.01.43, 13.1.00.83 in Android 13 allows local attacker to access specific file.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N 1.8 1.4
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung camera *
CVE-2023-30731

Logic error in package installation via debugger command prior to SMR Oct-2023 Release 1 allows physical attacker to install an application that has different build type.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.6 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 0.9 3.6
mobile.security@samsung.com 5.7 MEDIUM CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:U/C:L/I:H/A:H 0.2 5.5

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 13.0
CVE-2023-30732

Improper access control in system property prior to SMR Oct-2023 Release 1 allows local attacker to get CPU serial number.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4

Products Affected

Vendor Product Version
samsung android 13.0
CVE-2023-30733

Stack-based Buffer Overflow in vulnerability HDCP trustlet prior to SMR Oct-2023 Release 1 allows local privileged attackers to perform code execution.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 7.8 HIGH CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N 1.4 5.8
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 13.0
CVE-2023-30734

Improper access control vulnerability in Samsung Health prior to version 6.24.3.007 allows attackers to access sensitive information via implicit intent.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung health *
CVE-2023-30735

Improper Preservation of Permissions vulnerability in SAssistant prior to version 8.7 allows local attackers to access backup data in SAssistant.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4
mobile.security@samsung.com 5.1 MEDIUM CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N 1.4 3.6

Products Affected

Vendor Product Version
samsung sassistant *
CVE-2023-30736

Improper authorization in PushMsgReceiver of Samsung Assistant prior to version 8.7.00.1 allows attacker to execute javascript interface. To trigger this vulnerability, user interaction is required.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N 2.8 2.5
mobile.security@samsung.com 4.4 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L 1.8 2.5

Products Affected

Vendor Product Version
samsung samsung_assistant *
CVE-2023-30737

Improper access control vulnerability in Samsung Health prior to version 6.24.3.007 allows attackers to access sensitive information via implicit intent.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung health *
CVE-2023-30738

An improper input validation in UEFI Firmware prior to Firmware update Oct-2023 Release in Galaxy Book, Galaxy Book Pro, Galaxy Book Pro 360 and Galaxy Book Odyssey allows local attacker to execute SMM memory corruption.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 1.8 3.6

Products Affected

Vendor Product Version
samsung galaxy_book_firmware *
samsung galaxy_book_pro_360_firmware *
samsung galaxy_book_odyssey_firmware *
samsung galaxy_book_pro_firmware *
CVE-2023-30739

Arbitrary File Descriptor Write vulnerability in libsec-ril prior to SMR Nov-2023 Release 1 allows local attacker to execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9
mobile.security@samsung.com 6.7 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 0.8 5.9

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-31114

An issue was discovered in the Shannon RCS component in Samsung Exynos Modem 5123 and 5300. Incorrect resource transfer between spheres can cause unintended querying of the SIM status via a crafted application.

Products Affected

Vendor Product Version
samsung exynos_5123_firmware -
samsung exynos_5300_firmware -
CVE-2023-31115

An issue was discovered in the Shannon RCS component in Samsung Exynos Modem 5123 and 5300. Incorrect resource transfer between spheres can cause changes to the activation mode of RCS via a crafted application.

Products Affected

Vendor Product Version
samsung exynos_5123_firmware -
samsung exynos_5300_firmware -
CVE-2023-31116

An issue was discovered in the Shannon RCS component in Samsung Exynos Modem 5123 and 5300. An incorrect default permission can cause unintended querying of RCS capability via a crafted application.

Products Affected

Vendor Product Version
samsung exynos_5123_firmware -
samsung exynos_5300_firmware -
CVE-2023-36481

An issue was discovered in Samsung Exynos Mobile Processor and Wearable Processor 9810, 9610, 9820, 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, 9110, and W920. Improper handling of PPP length parameter inconsistency can cause an infinite loop.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
samsung exynos_9820_firmware -
samsung exynos_9810_firmware -
samsung exynos_9610_firmware -
samsung exynos_850_firmware -
samsung exynos_9110_firmware -
samsung exynos_1330_firmware -
samsung exynos_1380_firmware -
samsung exynos_2200_firmware -
samsung exynos_2100_firmware -
samsung exynos_1080_firmware -
samsung exynos_w920_firmware -
samsung exynos_980_firmware -
samsung exynos_1280_firmware -
CVE-2023-36482

An issue was discovered in Samsung NFC S3NRN4V, S3NSN4V, S3NSEN4, SEN82AB, and S3NRN82. A buffer copy without checking its input size can cause an NFC service restart.

Products Affected

Vendor Product Version
samsung s3nrn4v_firmware -
samsung s3nsen4_firmware -
samsung s3nrn82_firmware -
samsung s3nsn4v_firmware -
samsung sen82ab_firmware -
CVE-2023-37367

An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor, and Modem (Exynos 9820, Exynos 980, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123. In the NAS Task, an improperly implemented security check for standard can disallow desired services for a while via consecutive NAS messages.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 3.9 1.4
cve@mitre.org 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 3.9 1.4

Products Affected

Vendor Product Version
samsung exynos_9820_firmware -
samsung exynos_modem_5300_firmware -
samsung exynos_auto_t5123_firmware -
samsung exynos_850_firmware -
samsung exynos_modem_5123_firmware -
samsung exynos_1330_firmware -
samsung exynos_1380_firmware -
samsung exynos_2200_firmware -
samsung exynos_2100_firmware -
samsung exynos_1080_firmware -
samsung exynos_980_firmware -
samsung exynos_1280_firmware -
CVE-2023-37368

An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor, and Modem (Exynos Mobile Processor, Automotive Processor, and Modem - Exynos 9810, Exynos 9610, Exynos 9820, Exynos 980, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123). In the Shannon MM Task, Missing validation of a NULL pointer can cause abnormal termination via a malformed NR MM packet.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 5.9 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H 2.2 3.6
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
samsung exynos_9820_firmware -
samsung exynos_9810_firmware -
samsung exynos_9610_firmware -
samsung exynos_modem_5300_firmware -
samsung exynos_auto_t5123_firmware -
samsung exynos_850_firmware -
samsung exynos_modem_5123_firmware -
samsung exynos_9110_firmware -
samsung exynos_1330_firmware -
samsung exynos_1380_firmware -
samsung exynos_2200_firmware -
samsung exynos_2100_firmware -
samsung exynos_1080_firmware -
samsung exynos_w920_firmware -
samsung exynos_980_firmware -
samsung exynos_1280_firmware -
CVE-2023-37377

An issue was discovered in Samsung Exynos Mobile Processor and Wearable Processor (Exynos 980, Exynos 850, Exynos 2100, and Exynos W920). Improper handling of length parameter inconsistency can cause incorrect packet filtering.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 2.0 LOW CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:L 0.6 1.4
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
samsung exynos_2100_firmware -
samsung exynos_850_firmware -
samsung exynos_w920_firmware -
samsung exynos_980_firmware -
CVE-2023-38523

The web interface on multiple Samsung Harman AMX N-Series devices allows directory listing for the /tmp/ directory, without authentication, exposing sensitive information such as the command history and screenshot of the file being processed. This affects N-Series N1115 Wallplate Video Encoder before 1.15.61, N-Series N1x22A Video Encoder/Decoder before 1.15.61, N-Series N1x33A Video Encoder/Decoder before 1.15.61, N-Series N1x33 Video Encoder/Decoder before 1.15.61, N-Series N2x35 Video Encoder/Decoder before 1.15.61, N-Series N2x35A Video Encoder/Decoder before 1.15.61, N-Series N2xx2 Video Encoder/Decoder before 1.15.61, N-Series N2xx2A Video Encoder/Decoder before 1.15.61, N-Series N3000 Video Encoder/Decoder before 2.12.105, and N-Series N4321 Audio Transceiver before 1.00.06.

Products Affected

Vendor Product Version
samsung fgn4321-sa_firmware *
samsung fgn2222-sa_firmware *
samsung fgn1122-sa_firmware *
samsung fgn2235-sa_firmware *
samsung fgn1122-cd_firmware *
samsung fgn1222-sa_firmware *
samsung fgn2222a-sa_firmware *
samsung fgn4321-cd_firmware *
samsung fgn1133-sa_firmware *
samsung fgn1115-wp-wh_firmware *
samsung fgn1133-cd_firmware *
samsung fgn1133a-sa_firmware *
samsung fgn1133a-cd_firmware *
samsung fgn2122-sa_firmware *
samsung fgn1233a-cd_firmware *
samsung fgn2122-cd_firmware *
samsung fgn3132a-sa_firmware *
samsung fgn2135-cd_firmware *
samsung fgn2222-cd_firmware *
samsung fgn1233a-sa_firmware *
samsung fgn2235-cd_firmware *
samsung fgn2122a-sa_firmware *
samsung fgn2212-cd_firmware *
samsung fgn2122a-cd_firmware *
samsung fgn2222a-cd_firmware *
samsung fgn1233-sa_firmware *
samsung fgn3232a-c_firmware *
samsung fgn1233-cd_firmware *
samsung fgn2212-sa_firmware *
samsung fgn3132a-c_firmware *
samsung fgn1222-cd_firmware *
samsung fgn3232a-sa_firmware *
samsung fgn2135-sa_firmware *
CVE-2023-40218

An issue was discovered in the NPU kernel driver in Samsung Exynos Mobile Processor 9820, 980, 2100, 2200, 1280, and 1380. An integer overflow can bypass detection of error cases via a crafted application.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 1.8 1.4
cve@mitre.org 2.0 LOW CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:L 0.6 1.4

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_9820_firmware -
samsung exynos_2200_firmware -
samsung exynos_2100_firmware -
samsung exynos_980_firmware -
samsung exynos_1280_firmware -
CVE-2023-40291

Harman Infotainment 20190525031613 allows root access via SSH over a USB-to-Ethernet dongle with a password that is an internal project name.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.8 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 0.9 5.9

Products Affected

Vendor Product Version
samsung harman_infotainment 20190525031613
CVE-2023-40292

Harman Infotainment 20190525031613 and later discloses the IP address via CarPlay CTRL packets.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.8 1.4

Products Affected

Vendor Product Version
samsung harman_infotainment 20190525031613
CVE-2023-40293

Harman Infotainment 20190525031613 and later allows command injection via unauthenticated RPC with a D-Bus connection object.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.8 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 0.9 5.9

Products Affected

Vendor Product Version
samsung harman_infotainment 20190525031613
CVE-2023-40353

An issue was discovered in Exynos Mobile Processor 980 and 2100. An integer overflow at a buffer index can prevent the execution of requested services via a crafted application.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L 1.8 1.4
cve@mitre.org 2.0 LOW CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:L 0.6 1.4

Products Affected

Vendor Product Version
samsung exynos_2100_firmware -
samsung exynos_980_firmware -
CVE-2023-41111

An issue was discovered in Samsung Mobile Processor, Wearable Processor, Automotive Processor, and Modem (Exynos 9810, 9610, 9820, 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, 9110, W920, Modem 5123, Modem 5300, and Auto T5123). Improper handling of a length parameter inconsistency can cause abnormal termination of a mobile phone. This occurs in the RLC task and RLC module.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 7.1 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H 2.8 4.2
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
samsung exynos_9820_firmware -
samsung exynos_9810_firmware -
samsung exynos_9610_firmware -
samsung exynos_modem_5300_firmware -
samsung exynos_auto_t5123_firmware -
samsung exynos_850_firmware -
samsung exynos_modem_5123_firmware -
samsung exynos_9110_firmware -
samsung exynos_1330_firmware -
samsung exynos_1380_firmware -
samsung exynos_2200_firmware -
samsung exynos_2100_firmware -
samsung exynos_1080_firmware -
samsung exynos_w920_firmware -
samsung exynos_980_firmware -
samsung exynos_1280_firmware -
CVE-2023-41112

An issue was discovered in Samsung Mobile Processor, Wearable Processor, Automotive Processor, and Modem (Exynos 9810, 9610, 9820, 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, 9110, W920, Modem 5123, Modem 5300, and Auto T5123). A buffer copy, without checking the size of the input, can cause abnormal termination of a mobile phone. This occurs in the RLC task and RLC module.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6
cve@mitre.org 7.1 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H 2.8 4.2

Products Affected

Vendor Product Version
samsung exynos_9820_firmware -
samsung exynos_9810_firmware -
samsung exynos_9610_firmware -
samsung exynos_modem_5300_firmware -
samsung exynos_auto_t5123_firmware -
samsung exynos_850_firmware -
samsung exynos_modem_5123_firmware -
samsung exynos_9110_firmware -
samsung exynos_1330_firmware -
samsung exynos_1380_firmware -
samsung exynos_2200_firmware -
samsung exynos_2100_firmware -
samsung exynos_1080_firmware -
samsung exynos_w920_firmware -
samsung exynos_980_firmware -
samsung exynos_1280_firmware -
CVE-2023-41268

Improper input validation vulnerability in Samsung Open Source Escargot allows stack overflow and segmentation fault. This issue affects Escargot: from 3.0.0 through 4.0.0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
PSIRT@samsung.com 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 3.9 1.4

Products Affected

Vendor Product Version
samsung escargot 4.0.0
samsung escargot 3.0.0
CVE-2023-41270

Improper Restriction of Excessive Authentication Attempts vulnerability in Samsung Smart TV UE40D7000 version T-GAPDEUC-1033.2 and before allows attackers to cause a denial of service via WPS attack tools.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
PSIRT@samsung.com 3.5 LOW CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L 2.1 1.4
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 2.8 1.4

Products Affected

Vendor Product Version
samsung ue40d7000_firmware *
CVE-2023-41911

Samsung Mobile Processor Exynos 2200 allows a GPU Double Free (issue 1 of 2).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 4.7 MEDIUM CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H 1.0 3.6
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 1.8 3.6

Products Affected

Vendor Product Version
samsung exynos_2200_firmware -
CVE-2023-41929

A DLL hijacking vulnerability in Samsung Memory Card & UFD Authentication Utility PC Software before 1.0.1 could allow a local attacker to escalate privileges. (An attacker must already have user privileges on Windows to exploit this vulnerability.)

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 7.3 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H 1.3 5.9
nvd@nist.gov 7.3 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H 1.3 5.9

Products Affected

Vendor Product Version
samsung memory_card_&_ufd_authentication *
CVE-2023-42482

Samsung Mobile Processor Exynos 2200 allows a GPU Use After Free.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6
cve@mitre.org 4.7 MEDIUM CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H 1.0 3.6

Products Affected

Vendor Product Version
samsung exynos_2200_firmware -
CVE-2023-42483

A TOCTOU race condition in Samsung Mobile Processor Exynos 9820, Exynos 980, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, and Exynos 1380 can cause unexpected termination of a system.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 6.3 MEDIUM CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H 0.3 5.9
nvd@nist.gov 4.7 MEDIUM CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H 1.0 3.6

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_9820_firmware -
samsung exynos_2200_firmware -
samsung exynos_2100_firmware -
samsung exynos_1080_firmware -
samsung exynos_980_firmware -
samsung exynos_1280_firmware -
CVE-2023-42527

Improper input validation vulnerability in ProcessWriteFile of libsec-ril prior to SMR Nov-2023 Release 1 allows local attackers to expose sensitive information.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6
mobile.security@samsung.com 5.6 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L 0.8 4.7

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-42528

Improper Input Validation vulnerability in ProcessNvBuffering of libsec-ril prior to SMR Nov-2023 Release 1 allows local attacker to execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9
mobile.security@samsung.com 6.7 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 0.8 5.9

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-42529

Out-of-bound write vulnerability in libsec-ril prior to SMR Nov-2023 Release 1 allows local attackers to execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.7 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 0.8 5.9
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-42530

Improper access control vulnerability in SecSettings prior to SMR Nov-2023 Release 1 allows attackers to enable Wi-Fi and Wi-Fi Direct without User Interaction.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 3.9 3.6
mobile.security@samsung.com 6.7 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 0.8 5.9

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-42531

Improper access control vulnerability in SmsController prior to SMR Nov-2023 Release1 allows local attackers to bypass restrictions on starting activities from the background.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
mobile.security@samsung.com 6.2 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 2.5 3.6

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-42532

Improper Certificate Validation in FotaAgent prior to SMR Nov-2023 Release1 allows remote attacker to intercept the network traffic including Firmware information.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6
mobile.security@samsung.com 5.9 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N 2.2 3.6

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-42533

Improper Input Validation with USB Gadget Interface prior to SMR Nov-2023 Release 1 allows a physical attacker to execute arbitrary code in Kernel.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.8 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 0.9 5.9
mobile.security@samsung.com 6.6 MEDIUM CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 0.7 5.9

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 13.0
CVE-2023-42534

Improper input validation vulnerability in ChooserActivity prior to SMR Nov-2023 Release 1 allows local attackers to read arbitrary files with system privilege.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6
mobile.security@samsung.com 6.3 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N 1.8 4.0

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 13.0
CVE-2023-42535

Out-of-bounds Write in read_block of vold prior to SMR Nov-2023 Release 1 allows local attacker to execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 8.4 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 2.5 5.9
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 13.0
CVE-2023-42536

An improper input validation in saped_dec in libsaped prior to SMR Nov-2023 Release 1 allows local attackers to cause out-of-bounds read and write.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.9 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 2.5 3.4
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-42537

An improper input validation in get_head_crc in libsaped prior to SMR Nov-2023 Release 1 allows local attackers to cause out-of-bounds read and write.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.9 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 2.5 3.4
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-42538

An improper input validation in saped_rec_silence in libsaped prior to SMR Nov-2023 Release 1 allows local attackers to cause out-of-bounds read and write.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
mobile.security@samsung.com 5.9 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 2.5 3.4

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2023-42539

PendingIntent hijacking vulnerability in ChallengeNotificationManager in Samsung Health prior to version 6.25 allows local attackers to access data.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.7 MEDIUM CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N 1.0 3.6
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung health *
CVE-2023-42540

Improper access control vulnerability in Samsung Account prior to version 14.5.01.1 allows attackers to access sensitive information via implicit intent.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4

Products Affected

Vendor Product Version
samsung account *
CVE-2023-42541

Improper authorization in PushClientProvider of Samsung Push Service prior to version 3.4.10 allows attacker to access unique id.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4

Products Affected

Vendor Product Version
samsung push_service *
CVE-2023-42542

Improper access control vulnerability in Samsung Push Service prior to 3.4.10 allows local attackers to get register ID to identify the device.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4

Products Affected

Vendor Product Version
samsung push_service *
CVE-2023-42543

Improper verification of intent by broadcast receiver vulnerability in Bixby Voice prior to version 3.3.35.12 allows attackers to access arbitrary data with Bixby Voice privilege.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.2 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 2.5 3.6
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

Products Affected

Vendor Product Version
samsung bixby_voice *
CVE-2023-42544

Improper access control vulnerability in Quick Share prior to 13.5.52.0 allows local attacker to access local files.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung quick_share *
CVE-2023-42545

Use of implicit intent for sensitive communication vulnerability in Phone prior to versions 12.7.20.12 in Android 11, 13.1.48, 13.5.28 in Android 12, and 14.7.38 in Android 13 allows attackers to access location data.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung phone *
CVE-2023-42546

Use of implicit intent for sensitive communication vulnerability in startAgreeToDisclaimerActivity in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Account privilege.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 2.8 3.6
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung account *
CVE-2023-42547

Use of implicit intent for sensitive communication vulnerability in startEmailValidationActivity in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Account privilege.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 1.8 3.6
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 2.8 3.6

Products Affected

Vendor Product Version
samsung account *
CVE-2023-42548

Use of implicit intent for sensitive communication vulnerability in startMandatoryCheckActivity in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Account privilege.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 2.8 3.6
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung account *
CVE-2023-42549

Use of implicit intent for sensitive communication vulnerability in startNameValidationActivity in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Account privilege.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 1.8 3.6
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 2.8 3.6

Products Affected

Vendor Product Version
samsung account *
CVE-2023-42550

Use of implicit intent for sensitive communication vulnerability in startSignIn in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Account privilege.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 1.8 3.6
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 2.8 3.6

Products Affected

Vendor Product Version
samsung account *
CVE-2023-42551

Use of implicit intent for sensitive communication vulnerability in startTncActivity in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Account privilege.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 1.8 3.6
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 2.8 3.6

Products Affected

Vendor Product Version
samsung account *
CVE-2023-42552

Implicit intent hijacking vulnerability in Firewall application prior to versions 12.1.00.24 in Android 11, 13.1.00.16 in Android 12 and 14.1.00.7 in Android 13 allows 3rd party application to tamper the database of Firewall.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 1.8 1.4
mobile.security@samsung.com 4.4 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L 1.8 2.5

Products Affected

Vendor Product Version
samsung firewall *
CVE-2023-42553

Improper authorization verification vulnerability in Samsung Email prior to version 6.1.90.4 allows attackers to read sandbox data of email.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4

Products Affected

Vendor Product Version
samsung email *
CVE-2023-42554

Improper Authentication vulnerabiity in Samsung Pass prior to version 4.3.00.17 allows physical attackers to bypass authentication.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.8 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 0.9 5.9
mobile.security@samsung.com 5.4 MEDIUM CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N 0.2 5.2

Products Affected

Vendor Product Version
samsung pass *
CVE-2023-42555

Use of implicit intent for sensitive communication vulnerability in EasySetup prior to version 11.1.13 allows attackers to get the bluetooth address of user device.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 1.8 3.6
mobile.security@samsung.com 6.3 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N 1.8 4.0

Products Affected

Vendor Product Version
samsung easysetup *
CVE-2023-42556

Improper usage of implicit intent in Contacts prior to SMR Dec-2023 Release 1 allows attacker to get sensitive information.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N 1.8 1.4
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung android *
samsung android 14.0
CVE-2023-42557

Out-of-bound write vulnerability in libIfaaCa prior to SMR Dec-2023 Release 1 allows local system attackers to execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.7 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 0.8 5.9
mobile.security@samsung.com 5.6 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:L 0.8 4.7

Products Affected

Vendor Product Version
samsung android *
samsung android 14.0
CVE-2023-42558

Out of bounds write vulnerability in HDCP in HAL prior to SMR Dec-2023 Release 1 allows attacker to perform code execution.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9
mobile.security@samsung.com 6.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H 0.8 5.2

Products Affected

Vendor Product Version
samsung android 13.0
CVE-2023-42559

Improper exception management vulnerability in Knox Guard prior to SMR Dec-2023 Release 1 allows Knox Guard lock bypass via changing system time.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.2 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N 0.9 4.2
mobile.security@samsung.com 4.9 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N 0.7 4.2

Products Affected

Vendor Product Version
samsung android *
samsung android 14.0
CVE-2023-42560

Heap out-of-bounds write vulnerability in dec_mono_audb of libsavsac.so prior to SMR Dec-2023 Release 1 allows an attacker to execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 7.4 HIGH CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 1.4 5.9
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
samsung android *
samsung android 14.0
CVE-2023-42561

Heap out-of-bounds write vulnerability in bootloader prior to SMR Dec-2023 Release 1 allows a physical attacker to execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.8 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 0.9 5.9
mobile.security@samsung.com 7.1 HIGH CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H 0.5 6.0

Products Affected

Vendor Product Version
samsung android *
samsung android 14.0
CVE-2023-42562

Integer overflow vulnerability in detectionFindFaceSupportMultiInstance of libFacePreProcessingjni.camera.samsung.so prior to SMR Dec-2023 Release 1 allows attacker to trigger heap overflow.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.7 MEDIUM CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H 0.8 5.9
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
samsung android *
samsung android 14.0
CVE-2023-42563

Integer overflow vulnerability in landmarkCopyImageToNative of libFacePreProcessingjni.camera.samsung.so prior to SMR Dec-2023 Release 1 allows attacker to trigger heap overflow.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.7 MEDIUM CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H 0.8 5.9
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
samsung android *
samsung android 14.0
CVE-2023-42564

Improper access control in knoxcustom service prior to SMR Dec-2023 Release 1 allows attacker to send broadcast with system privilege.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N 1.8 3.6
mobile.security@samsung.com 6.6 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H 1.3 5.2

Products Affected

Vendor Product Version
samsung android *
samsung android 14.0
CVE-2023-42565

Improper input validation vulnerability in Smart Clip prior to SMR Dec-2023 Release 1 allows local attackers with shell privilege to execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 7.3 HIGH CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:H 1.4 5.3
nvd@nist.gov 6.7 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 0.8 5.9

Products Affected

Vendor Product Version
samsung android *
samsung android 14.0
CVE-2023-42566

Out-of-bound write vulnerability in libsavsvc prior to SMR Dec-2023 Release 1 allows local attackers to execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 7.3 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L 2.5 4.7
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
samsung android *
samsung android 14.0
CVE-2023-42567

Improper size check vulnerability in softsimd prior to SMR Dec-2023 Release 1 allows stack-based buffer overflow.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9
mobile.security@samsung.com 7.3 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L 2.5 4.7

Products Affected

Vendor Product Version
samsung android 14.0
CVE-2023-42568

Improper access control vulnerability in SmartManagerCN prior to SMR Dec-2023 Release 1 allows local attackers to access arbitrary files with system privilege.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.4 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N 0.8 3.6
mobile.security@samsung.com 7.3 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L 2.5 4.7

Products Affected

Vendor Product Version
samsung android *
samsung android 13.0
CVE-2023-42569

Improper authorization verification vulnerability in AR Emoji prior to SMR Dec-2023 Release 1 allows attackers to read sandbox data of AR Emoji.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4

Products Affected

Vendor Product Version
samsung android *
samsung android 13.0
CVE-2023-42570

Improper access control vulnerability in KnoxCustomManagerService prior to SMR Dec-2023 Release 1 allows attacker to access device SIM PIN.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.9 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 2.5 3.4
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4

Products Affected

Vendor Product Version
samsung android *
samsung android 14.0
CVE-2023-42571

Abuse of remote unlock in Find My Mobile prior to version 7.3.13.4 allows physical attacker to unlock the device remotely by resetting the Samsung Account password with SMS verification when user lost the device.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 7.6 HIGH CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H 0.9 6.0
nvd@nist.gov 6.8 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 0.9 5.9

Products Affected

Vendor Product Version
samsung find_my_mobile *
CVE-2023-42572

Implicit intent hijacking vulnerability in Samsung Account Web SDK prior to version 1.5.24 allows attacker to get sensitive information.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N 1.8 1.4
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung account_web_software_development_kit *
CVE-2023-42573

PendingIntent hijacking vulnerability in Search Widget prior to version 3.4 in China models allows local attackers to access data.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 1.8 3.6
mobile.security@samsung.com 4.7 MEDIUM CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N 1.0 3.6

Products Affected

Vendor Product Version
samsung search_widget *
CVE-2023-42574

Improper access control vulnerablility in GameHomeCN prior to version 4.2.60.2 allows local attackers to launch arbitrary activity in GameHomeCN.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.1 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L 2.5 2.5
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
samsung gamehomecn *
CVE-2023-42575

Improper Authentication vulnerability in Samsung Pass prior to version 4.3.00.17 allows physical attackers to bypass authentication due to invalid flag setting.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.4 MEDIUM CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N 0.2 5.2
nvd@nist.gov 6.8 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 0.9 5.9

Products Affected

Vendor Product Version
samsung pass *
CVE-2023-42576

Improper Authentication vulnerability in Samsung Pass prior to version 4.3.00.17 allows physical attackers to bypass authentication due to invalid exception handler.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.8 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 0.9 5.9
mobile.security@samsung.com 5.4 MEDIUM CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N 0.2 5.2

Products Affected

Vendor Product Version
samsung pass *
CVE-2023-42577

Improper Access Control in Samsung Voice Recorder prior to versions 21.4.15.01 in Android 12 and Android 13, 21.4.50.17 in Android 14 allows physical attackers to access Voice Recorder information on the lock screen.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 2.4 LOW CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 0.9 1.4
mobile.security@samsung.com 6.8 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 0.9 5.9

Products Affected

Vendor Product Version
samsung samsung_voice_recorder *
CVE-2023-42578

Improper handling of insufficient permissions or privileges vulnerability in Samsung Data Store prior to version 5.2.00.7 allows remote attackers to access location information without permission.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6
mobile.security@samsung.com 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 2.8 3.6

Products Affected

Vendor Product Version
samsung cloud *
CVE-2023-42579

Improper usage of insecure protocol (i.e. HTTP) in SogouSDK of Chinese Samsung Keyboard prior to versions 5.3.70.1 in Android 11, 5.4.60.49, 5.4.85.5, 5.5.00.58 in Android 12, and 5.6.00.52, 5.6.10.42, 5.7.00.45 in Android 13 allows adjacent attackers to access keystroke data using Man-in-the-Middle attack.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N 1.6 3.6
mobile.security@samsung.com 6.5 MEDIUM CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 2.8 3.6

Products Affected

Vendor Product Version
samsung samsung_keyboard *
CVE-2023-42580

Improper URL validation from MCSLaunch deeplink in Galaxy Store prior to version 4.5.64.4 allows attackers to execute JavaScript API to install APK from Galaxy Store.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
mobile.security@samsung.com 7.5 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H 1.6 5.9

Products Affected

Vendor Product Version
samsung galaxy_store *
CVE-2023-42581

Improper URL validation from InstantPlay deeplink in Galaxy Store prior to version 4.5.64.4 allows attackers to execute JavaScript API to access data.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 7.5 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H 1.6 5.9
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

Products Affected

Vendor Product Version
samsung galaxy_store *
CVE-2023-43122

Samsung Mobile Processor and Wearable Processor (Exynos 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, and W920) allow Information Disclosure in the Bootloader.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.6 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 0.9 3.6
cve@mitre.org 4.8 MEDIUM CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:C/C:H/I:N/A:N 0.4 4.0

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_2200_firmware -
samsung exynos_2100_firmware -
samsung exynos_850_firmware -
samsung exynos_1080_firmware -
samsung exynos_w920_firmware -
samsung exynos_980_firmware -
samsung exynos_1330_firmware -
samsung exynos_1280_firmware -
CVE-2023-45864

A race condition issue discovered in Samsung Mobile Processor Exynos 9820, 980, 1080, 2100, 2200, 1280, and 1380 allows unintended modifications of values within certain areas.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.7 MEDIUM CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N 1.0 3.6
cve@mitre.org 4.0 MEDIUM CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:H/A:N 0.3 3.6

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_9820_firmware -
samsung exynos_2200_firmware -
samsung exynos_2100_firmware -
samsung exynos_1080_firmware -
samsung exynos_980_firmware -
samsung exynos_1280_firmware -
CVE-2023-49927

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920, Exynos Modem 5123, Exynos Modem 5300. The baseband software does not properly check format types specified by the RRC. This can lead to a lack of encryption.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4

Products Affected

Vendor Product Version
samsung exynos_9820_firmware -
samsung exynos_modem_5300_firmware -
samsung exynos_850_firmware -
samsung exynos_9825_firmware -
samsung exynos_modem_5123_firmware -
samsung exynos_1330_firmware -
samsung exynos_1380_firmware -
samsung exynos_2200_firmware -
samsung exynos_2100_firmware -
samsung exynos_1080_firmware -
samsung exynos_990_firmware -
samsung exynos_980_firmware -
samsung exynos_1280_firmware -
CVE-2023-49928

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920, Exynos Modem 5123, Exynos Modem 5300. The baseband software does not properly check states specified by the RRC. This can lead to disclosure of sensitive information.

Products Affected

Vendor Product Version
samsung exynos_9820_firmware -
samsung exynos_modem_5300_firmware -
samsung exynos_850_firmware -
samsung exynos_9825_firmware -
samsung exynos_modem_5123_firmware -
samsung exynos_1330_firmware -
samsung exynos_1380_firmware -
samsung exynos_2200_firmware -
samsung exynos_2100_firmware -
samsung exynos_1080_firmware -
samsung exynos_990_firmware -
samsung exynos_980_firmware -
samsung exynos_1280_firmware -
CVE-2023-50803

An issue was discovered in Samsung Mobile Processor, and Modem Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos Modem 5123, Exynos Modem 5300. The baseband software does not properly check replay protection specified by the NAS (Non-Access-Stratum) module. This can lead to denial of service.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 3.7 LOW CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L 2.2 1.4

Products Affected

Vendor Product Version
samsung exynos_9820_firmware -
samsung exynos_modem_5300_firmware -
samsung exynos_850_firmware -
samsung exynos_9825_firmware -
samsung exynos_modem_5123_firmware -
samsung exynos_1330_firmware -
samsung exynos_1380_firmware -
samsung exynos_2200_firmware -
samsung exynos_2100_firmware -
samsung exynos_1080_firmware -
samsung exynos_990_firmware -
samsung exynos_980_firmware -
samsung exynos_1280_firmware -
CVE-2023-50804

An issue was discovered in Samsung Mobile Processor, and Modem Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos Modem 5123, Exynos Modem 5300. The baseband software does not properly check format types specified by the NAS (Non-Access-Stratum) module. This can lead to bypass of authentication.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 3.7 LOW CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N 2.2 1.4

Products Affected

Vendor Product Version
samsung exynos_9820_firmware -
samsung exynos_modem_5300_firmware -
samsung exynos_850_firmware -
samsung exynos_9825_firmware -
samsung exynos_modem_5123_firmware -
samsung exynos_1330_firmware -
samsung exynos_1380_firmware -
samsung exynos_2200_firmware -
samsung exynos_2100_firmware -
samsung exynos_1080_firmware -
samsung exynos_990_firmware -
samsung exynos_980_firmware -
samsung exynos_1280_firmware -
CVE-2023-50805

A vulnerability was discovered in Samsung Mobile Processor, Wearable Processor, and Modems with versions Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920, Exynos W930, Exynos Modem 5123, Exynos Modem 5300 that allows an out-of-bounds write in the heap in 2G (no auth).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 8.1 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 2.2 5.9

Products Affected

Vendor Product Version
samsung exynos_w930_firmware -
samsung exynos_9820_firmware -
samsung exynos_modem_5300_firmware -
samsung exynos_850_firmware -
samsung exynos_9825_firmware -
samsung exynos_modem_5123_firmware -
samsung exynos_9110_firmware -
samsung exynos_1330_firmware -
samsung exynos_1380_firmware -
samsung exynos_2200_firmware -
samsung exynos_2100_firmware -
samsung exynos_1080_firmware -
samsung exynos_990_firmware -
samsung exynos_w920_firmware -
samsung exynos_980_firmware -
samsung exynos_1280_firmware -
CVE-2023-50806

A vulnerability was discovered in Samsung Mobile Processor, Wearable Processor, and Modems with versions Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850 Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380 Exynos 1330, Exynos 9110, Exynos W920, Exynos W930, Exynos Modem 5123, Exynos Modem 5300 that allows out-of-bounds access to a heap buffer in the SIM Proactive Command.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 8.4 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 2.5 5.9

Products Affected

Vendor Product Version
samsung exynos_w930_firmware -
samsung exynos_9820_firmware -
samsung exynos_modem_5300_firmware -
samsung exynos_850_firmware -
samsung exynos_9825_firmware -
samsung exynos_modem_5123_firmware -
samsung exynos_9110_firmware -
samsung exynos_1330_firmware -
samsung exynos_1380_firmware -
samsung exynos_2200_firmware -
samsung exynos_2100_firmware -
samsung exynos_1080_firmware -
samsung exynos_990_firmware -
samsung exynos_w920_firmware -
samsung exynos_980_firmware -
samsung exynos_1280_firmware -
CVE-2023-50807

A vulnerability was discovered in Samsung Wearable Processor and Modems with versions Exynos 9110, Exynos Modem 5123, Exynos Modem 5300 that allows an out-of-bounds write in the heap in 2G (no auth).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 8.1 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 2.2 5.9

Products Affected

Vendor Product Version
samsung exynos_modem_5300_firmware -
samsung exynos_modem_5123_firmware -
samsung exynos_9110_firmware -
CVE-2023-52432

Improper input validation in IpcTxSndSetLoopbackCtrl in libsec-ril prior to SMR Sep-2023 Release 1 allows local attackers to write out-of-bounds memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.9 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 2.5 3.4

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 13.0
CVE-2024-20802

Improper access control vulnerability in Samsung DeX prior to SMR Jan-2024 Release 1 allows owner to access other users' notification in a multi-user environment.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6
mobile.security@samsung.com 4.6 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 0.9 3.6

Products Affected

Vendor Product Version
samsung dex *
CVE-2024-20803

Improper authentication vulnerability in Bluetooth pairing process prior to SMR Jan-2024 Release 1 allows remote attackers to establish pairing process without user interaction.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 2.8 3.6
mobile.security@samsung.com 6.8 MEDIUM CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L 2.1 4.7

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2024-20804

Path traversal vulnerability in FileUriConverter of MyFiles prior to SMR Jan-2024 Release 1 in Android 11 and Android 12, and version 14.5.00.21 in Android 13 allows local attackers to write arbitrary file.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 2.5 1.4
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung myfiles *
samsung android 12.0
samsung android 11.0
CVE-2024-20805

Path traversal vulnerability in ZipCompressor of MyFiles prior to SMR Jan-2024 Release 1 in Android 11 and Android 12, and version 14.5.00.21 in Android 13 allows local attackers to write arbitrary file.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N 1.8 3.6
mobile.security@samsung.com 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 1.8 1.4

Products Affected

Vendor Product Version
samsung myfiles *
samsung android 12.0
samsung android 11.0
CVE-2024-20806

Improper access control in Notification service prior to SMR Jan-2024 Release 1 allows local attacker to access notification data.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6
mobile.security@samsung.com 6.2 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 2.5 3.6

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2024-20807

Implicit intent hijacking vulnerability in Samsung Email prior to version 6.1.90.16 allows local attacker to get sensitive information.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N 1.8 1.4
mobile.security@samsung.com 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N 1.8 1.4

Products Affected

Vendor Product Version
samsung email *
CVE-2024-20808

Improper access control vulnerability in Nearby device scanning prior version 11.1.14.7 allows local attacker to access data.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 2.5 1.4
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung nearby_device_scanning *
CVE-2024-20809

Improper access control vulnerability in Nearby device scanning prior version 11.1.14.7 allows local attacker to access data.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 2.5 1.4
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung nearby_device_scanning *
CVE-2024-20810

Implicit intent hijacking vulnerability in Smart Suggestions prior to SMR Feb-2024 Release 1 allows local attackers to get sensitive information.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N 1.8 1.4
mobile.security@samsung.com 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N 1.8 1.4

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 13.0
CVE-2024-20811

Improper caller verification in GameOptimizer prior to SMR Feb-2024 Release 1 allows local attackers to configure GameOptimizer.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N 1.8 1.4
mobile.security@samsung.com 5.1 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L 2.5 2.5

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2024-20812

Out-of-bounds Write in padmd_vld_htbl of libpadm.so prior to SMR Feb-2024 Release 1 allows local attacker to execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 8.4 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 2.5 5.9
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2024-20813

Out-of-bounds Write in padmd_vld_qtbl of libpadm.so prior to SMR Feb-2024 Release 1 allows local attacker to execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 8.4 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 2.5 5.9

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2024-20814

Out-of-bounds Read in padmd_vld_ac_prog_refine of libpadm.so prior to SMR Feb-2024 Release 1 allows local attackers access unauthorized information.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2024-20815

Improper authentication vulnerability in onCharacteristicReadRequest in Auto Hotspot prior to SMR Feb-2024 Release 1 allows adjacent attackers connect to victim's mobile hotspot without user awareness.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 8.0 HIGH CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:H 1.6 5.8

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2024-20816

Improper authentication vulnerability in onCharacteristicWriteRequest in Auto Hotspot prior to SMR Feb-2024 Release 1 allows adjacent attackers connect to victim's mobile hotspot without user awareness.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 8.0 HIGH CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:H 1.6 5.8

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2024-20817

Out-of-bounds Write vulnerabilities in svc1td_vld_slh of libsthmbc.so prior to SMR Feb-2024 Release 1 allows local attackers to trigger buffer overflow.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.6 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L 1.8 4.7

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2024-20818

Out-of-bounds Write vulnerabilities in svc1td_vld_elh of libsthmbc.so prior to SMR Feb-2024 Release 1 allows local attackers to trigger buffer overflow.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.6 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L 1.8 4.7

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2024-20819

Out-of-bounds Write vulnerabilities in svc1td_vld_plh_ap of libsthmbc.so prior to SMR Feb-2024 Release 1 allows local attackers to trigger buffer overflow.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.6 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L 1.8 4.7

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2024-20820

Improper input validation in bootloader prior to SMR Feb-2024 Release 1 allows local privileged attackers to cause an Out-Of-Bounds read.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.4 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N 0.8 3.6

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2024-20822

Implicit intent hijacking vulnerability in AccountActivity of Galaxy Store prior to version 4.5.63.6 allows local attackers to access sensitive information via implicit intent.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 1.8 3.6
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung galaxy_store *
CVE-2024-20823

Implicit intent hijacking vulnerability in SamsungAccount of Galaxy Store prior to version 4.5.63.6 allows local attackers to access sensitive information via implicit intent.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 1.8 3.6
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung galaxy_store *
CVE-2024-20824

Implicit intent hijacking vulnerability in VoiceSearch of Galaxy Store prior to version 4.5.63.6 allows local attackers to access sensitive information via implicit intent.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 1.8 3.6
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung galaxy_store *
CVE-2024-20825

Implicit intent hijacking vulnerability in IAP of Galaxy Store prior to version 4.5.63.6 allows local attackers to access sensitive information via implicit intent.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 1.8 3.6
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung galaxy_store *
CVE-2024-20826

Implicit intent hijacking vulnerability in UPHelper library prior to version 4.0.0 allows local attackers to access sensitive information via implicit intent.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 1.8 3.6
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung uphelper_library *
CVE-2024-20827

Improper access control vulnerability in Samsung Gallery prior to version 14.5.04.4 allows physical attackers to access the picture using physical keyboard on the lockscreen.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.6 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 0.9 3.6
nvd@nist.gov 4.6 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 0.9 3.6

Products Affected

Vendor Product Version
samsung gallery *
CVE-2024-20828

Improper authorization verification vulnerability in Samsung Internet prior to version 24.0 allows physical attackers to access files downloaded in SecretMode without proper authentication.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 2.4 LOW CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 0.9 1.4
nvd@nist.gov 4.6 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 0.9 3.6

Products Affected

Vendor Product Version
samsung internet *
CVE-2024-20829

Missing proper interaction for opening deeplink in Samsung Internet prior to version v24.0.0.0 allows remote attackers to open an application without proper interaction.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L 2.8 2.5

Products Affected

Vendor Product Version
samsung internet 24.0
CVE-2024-20830

Incorrect default permission in AppLock prior to SMR MAr-2024 Release 1 allows local attackers to configure AppLock settings.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.3 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L 1.8 3.4

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2024-20831

Stack overflow in Little Kernel in bootloader prior to SMR Mar-2024 Release 1 allows local privileged attackers to execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.4 MEDIUM CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H 0.5 5.9

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2024-20832

Heap overflow in Little Kernel in bootloader prior to SMR Mar-2024 Release 1 allows local privileged attackers to execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.4 MEDIUM CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H 0.5 5.9

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2024-20833

Use after free vulnerability in pub_crypto_recv_msg prior to SMR Mar-2024 Release 1 due to race condition allows local attackers with system privilege to cause memory corruption.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.1 MEDIUM CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N 0.5 3.6

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2024-20834

The sensitive information exposure vulnerability in WlanTest prior to SMR Mar-2024 Release 1 allows local attackers to access MAC address without proper permission.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2024-20835

Improper access control vulnerability in CustomFrequencyManagerService prior to SMR Mar-2024 Release 1 allows local attackers to execute privileged behaviors.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 2.5 1.4

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2024-20836

Out of bounds Read vulnerability in ssmis_get_frm in libsubextractor.so prior to SMR Mar-2024 Release 1 allows local attackers to read out of bounds memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N 1.8 1.4

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2024-20837

Improper handling of granting permission for Trusted Web Activities in Samsung Internet prior to version 24.0.0.41 allows local attackers to grant permission to their own TWA WebApps without user interaction.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.3 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L 1.8 3.4

Products Affected

Vendor Product Version
samsung internet *
CVE-2024-20838

Improper validation vulnerability in Samsung Internet prior to version 24.0.3.2 allows local attackers to execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.8 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L 2.5 3.7

Products Affected

Vendor Product Version
samsung internet *
CVE-2024-20839

Improper access control in Samsung Voice Recorder prior to versions 21.5.16.01 in Android 12 and Android 13, 21.4.51.02 in Android 14 allows physical attackers to access recording files on the lock screen.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.6 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 0.9 3.6

Products Affected

Vendor Product Version
samsung voice_recorder *
CVE-2024-20840

Improper access control in Samsung Voice Recorder prior to versions 21.5.16.01 in Android 12 and Android 13, 21.4.51.02 in Android 14 allows physical attackers using hardware keyboard to use VoiceRecorder on the lock screen.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.7 MEDIUM CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H 0.5 5.2

Products Affected

Vendor Product Version
samsung voice_recorder *
CVE-2024-20841

Improper Handling of Insufficient Privileges in Samsung Account prior to version 14.8.00.3 allows local attackers to access data.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.1 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L 2.5 2.5

Products Affected

Vendor Product Version
samsung account *
CVE-2024-20842

Improper Input Validation vulnerability in handling apdu of libsec-ril prior to SMR Apr-2024 Release 1 allows local privileged attackers to write out-of-bounds memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.2 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L 0.8 3.4

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2024-20843

Out-of-bound write vulnerability in command parsing implementation of libIfaaCa prior to SMR Apr-2024 Release 1 allows local privileged attackers to execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.6 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:L 0.8 4.7

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2024-20844

Out-of-bounds write vulnerability while parsing remaining codewords in libsavsac.so prior to SMR Apr-2024 Release 1 allows local attacker to execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 8.4 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 2.5 5.9

Products Affected

Vendor Product Version
samsung android 12.0
CVE-2024-20845

Out-of-bounds write vulnerability while releasing memory in libsavsac.so prior to SMR Apr-2024 Release 1 allows local attacker to execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 8.4 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 2.5 5.9

Products Affected

Vendor Product Version
samsung android 12.0
CVE-2024-20846

Out-of-bounds write vulnerability while decoding hcr of libsavsac.so prior to SMR Apr-2024 Release 1 allows local attacker to execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.9 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 2.5 3.4

Products Affected

Vendor Product Version
samsung android 12.0
CVE-2024-20847

Improper Access Control vulnerability in StorageManagerService prior to SMR Apr-2024 Release 1 allows local attackers to read sdcard information.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2024-20848

Improper Input Validation vulnerability in text parsing implementation of libsdffextractor prior to SMR Apr-2024 Release 1 allows local attackers to write out-of-bounds memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.1 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L 2.5 2.5

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2024-20849

Out-of-bound Write vulnerability in chunk parsing implementation of libsdffextractor prior to SMR Apr-2023 Release 1 allows local attackers to execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 7.3 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L 2.5 4.7

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2024-20850

Use of Implicit Intent for Sensitive Communication in Samsung Pay prior to version 5.4.99 allows local attackers to access information of Samsung Pay.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.2 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 2.5 3.6

Products Affected

Vendor Product Version
samsung samsung_pay *
CVE-2024-20851

Improper access control vulnerability in Samsung Data Store prior to version 5.3.00.4 allows local attackers to launch arbitrary activity with Samsung Data Store privilege.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.4 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L 1.8 2.5

Products Affected

Vendor Product Version
samsung cloud *
CVE-2024-20852

Improper verification of intent by broadcast receiver vulnerability in SmartThings prior to version 1.8.13.22 allows local attackers to access testing configuration.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.9 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 2.5 3.4

Products Affected

Vendor Product Version
samsung smartthings *
CVE-2024-20853

Improper verification of intent by broadcast receiver vulnerability in ThemeStore prior to 5.3.05.2 allows local attackers to write arbitrary files to sandbox of ThemeStore.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.1 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L 2.5 2.5

Products Affected

Vendor Product Version
samsung galaxy_themes *
CVE-2024-20854

Improper handling of insufficient privileges vulnerability in Samsung Camera prior to versions 12.1.0.31 in Android 12, 13.1.02.07 in Android 13, and 14.0.01.06 in Android 14 allows local attackers to access image data.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.9 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 2.5 3.4

Products Affected

Vendor Product Version
samsung camera *
CVE-2024-20855

Improper access control vulnerability in multitasking framework prior to SMR May-2024 Release 1 allows physical attackers to access unlocked screen for a while.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 2.4 LOW CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 0.9 1.4

Products Affected

Vendor Product Version
samsung android 14.0
CVE-2024-20856

Improper Authentication vulnerability in Secure Folder prior to SMR May-2024 Release 1 allows physical attackers to access Secure Folder without proper authentication in a specific scenario.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.3 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 0.7 3.6

Products Affected

Vendor Product Version
samsung android 14.0
CVE-2024-20857

Improper access control vulnerability in startListening of CocktailBarService prior to SMR May-2024 Release 1 allows local attackers to access information of current application.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2024-20858

Improper access control vulnerability in setCocktailHostCallbacks of CocktailBarService prior to SMR May-2024 Release 1 allows local attackers to access information of current application.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2024-20859

Improper access control vulnerability in FactoryCamera prior to SMR May-2024 Release 1 allows local attackers to take pictures without privilege.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2024-20860

Improper export of android application components vulnerability in TelephonyUI prior to SMR May-2024 Release 1 allows local attackers to reboot the device without proper permission.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 2.5 1.4

Products Affected

Vendor Product Version
samsung android 14.0
CVE-2024-20861

Use after free vulnerability in SveService prior to SMR May-2024 Release 1 allows local privileged attackers to cause memory corruption.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H 0.8 5.2

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2024-20862

Out-of-bounds write in SveService prior to SMR May-2024 Release 1 allows local privileged attackers to execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H 0.8 5.2

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 11.0
samsung android 13.0
CVE-2024-20863

Out of bounds write vulnerability in SNAP in HAL prior to SMR May-2024 Release 1 allows local privileged attackers to execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.7 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 0.8 5.9

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2024-20864

Improper access control vulnerability in DarManagerService prior to SMR May-2024 Release 1 allows local attackers to monitor system resources.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung android 14.0
CVE-2024-20865

Authentication bypass in bootloader prior to SMR May-2024 Release 1 allows physical attackers to flash arbitrary images.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.6 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 0.7 5.9

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2024-20866

Authentication bypass vulnerability in Setupwizard prior to SMR May-2024 Release 1 allows physical attackers to skip activation step.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.7 MEDIUM CVSS:3.1/AV:P/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N 0.5 5.2

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 13.0
CVE-2024-20867

Improper privilege management vulnerability in Samsung Email prior to version 6.1.91.14 allows local attackers to access sensitive information.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung email *
CVE-2024-20868

Improper input validation in Samsung Notes prior to version 4.4.15 allows local attackers to delete files with Samsung Notes privilege under certain conditions.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.4 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L 1.8 2.5

Products Affected

Vendor Product Version
samsung notes *
CVE-2024-20869

Improper privilege management vulnerability in Samsung Internet prior to version 25.0.0.41 allows local attackers to bypass protection for cookies.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung internet *
CVE-2024-20870

Improper verification of intent by broadcast receiver vulnerability in Galaxy Store prior to version 4.5.71.8 allows local attackers to write arbitrary files with the privilege of Galaxy Store.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.1 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L 2.5 2.5

Products Affected

Vendor Product Version
samsung galaxy_store *
CVE-2024-20871

Improper authorization vulnerability in Samsung Keyboard prior to version One UI 5.1.1 allows physical attackers to partially bypass the factory reset protection.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.9 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:L 0.7 4.2

Products Affected

Vendor Product Version
samsung one_ui *
CVE-2024-20872

Improper handling of insufficient privileges vulnerability in TalkbackSE prior to version Android 14 allows local attackers to modify setting value of TalkbackSE.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.2 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 2.5 3.6

Products Affected

Vendor Product Version
samsung android 14.0
CVE-2024-20873

Improper input validation vulnerability in caminfo driver prior to SMR Jun-2024 Release 1 allows local privileged attackers to write out-of-bounds memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.2 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L 0.8 3.4

Products Affected

Vendor Product Version
samsung android 14.0
CVE-2024-20874

Improper access control vulnerability in SmartManagerCN prior to SMR Jun-2024 Release 1 allows local attackers to launch privileged activities.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 7.9 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:L 2.5 4.7

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 13.0
CVE-2024-20875

Improper caller verification vulnerability in SemClipboard prior to SMR June-2024 Release 1 allows local attackers to access arbitrary files.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2024-20876

Improper input validation in libsheifdecadapter.so prior to SMR Jun-2024 Release 1 allows local attackers to lead to memory corruption.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.1 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H 1.8 4.2

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2024-20877

Heap out-of-bound write vulnerability in parsing grid image header in libsavscmn.so prior to SMR Jun-2024 Release 1 allows local attackers to execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 7.3 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L 2.5 4.7

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2024-20878

Heap out-of-bound write vulnerability in parsing grid image in libsavscmn.so prior to SMR June-2024 Release 1 allows local attackers to execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 7.3 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L 2.5 4.7

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2024-20879

Improper input validation vulnerability in libsavscmn.so prior to SMR Jun-2024 Release 1 allows local attackers to write out-of-bounds memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 2.5 1.4

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2024-20880

Stack-based buffer overflow vulnerability in bootloader prior to SMR Jun-2024 Release 1 allows physical attackers to overwrite memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.4 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L 0.9 5.5

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2024-20881

Improper input validation vulnerability in chnactiv TA prior to SMR Jun-2024 Release 1 allows local privileged attackers lead to potential arbitrary code execution.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.4 MEDIUM CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H 0.5 5.9

Products Affected

Vendor Product Version
samsung android 12.0
samsung android 13.0
CVE-2024-20882

Out-of-bounds read vulnerability in bootloader prior to SMR June-2024 Release 1 allows physical attackers to arbitrary data access.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.6 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 0.9 3.6

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2024-20883

Incorrect use of privileged API vulnerability in registerBatteryStatsCallback in BatteryStatsService prior to SMR Jun-2024 Release 1 allows local attackers to use privileged API.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.2 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 2.5 3.6

Products Affected

Vendor Product Version
samsung android 14.0
CVE-2024-20884

Incorrect use of privileged API vulnerability in getSemBatteryUsageStats in BatteryStatsService prior to SMR Jun-2024 Release 1 allows local attackers to use privileged API.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.2 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 2.5 3.6

Products Affected

Vendor Product Version
samsung android 14.0
CVE-2024-20885

Improper component protection vulnerability in Samsung Dialer prior to SMR May-2024 Release 1 allows local attackers to make a call without proper permission.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.1 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L 2.5 2.5

Products Affected

Vendor Product Version
samsung android 14.0
CVE-2024-20887

Arbitrary directory creation in GalaxyBudsManager PC prior to version 2.1.240315.51 allows attacker to create arbitrary directory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.2 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 2.5 3.6

Products Affected

Vendor Product Version
samsung galaxy_buds_manager *
CVE-2024-20888

Improper access control in OneUIHome prior to SMR Jul-2024 Release 1 allows local attackers to launch privileged activities. User interaction is required for triggering this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2024-20889

Improper authentication in BLE prior to SMR Jul-2024 Release 1 allows adjacent attackers to pair with devices.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.9 MEDIUM CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H 1.6 4.2

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2024-20890

Improper input validation in BLE prior to SMR Jul-2024 Release 1 allows adjacent attackers to trigger abnormal behavior.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.3 MEDIUM CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H 1.6 3.6

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2024-20891

Improper access control in launchFullscreenIntent of SystemUI prior to SMR Jul-2024 Release 1 allows local attackers to launch privileged activities.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2024-20892

Improper verification of signature in FilterProvider prior to SMR Jul-2024 Release 1 allows local attackers to execute privileged behaviors. User interaction is required for triggering this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.5 MEDIUM CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H 1.0 5.5

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2024-20893

Improper input validation in libmediaextractorservice.so prior to SMR Jul-2024 Release 1 allows local attackers to trigger memory corruption.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.1 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H 1.8 4.2

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2024-20894

Improper handling of exceptional conditions in Secure Folder prior to SMR Jul-2024 Release 1 allows physical attackers to bypass authentication under certain condition. User interaction is required for triggering this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.3 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 0.7 3.6

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2024-20895

Improper access control in Dar service prior to SMR Jul-2024 Release 1 allows local attackers to bypass restriction for calling SDP features.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 7.7 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H 2.5 5.2

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2024-20896

Use of implicit intent for sensitive communication in Configuration message prior to SMR Jul-2024 Release 1 allows local attackers to get sensitive information.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2024-20897

Use of implicit intent for sensitive communication in FCM function in IMS service prior to SMR Jul-2024 Release 1 allows local attackers to get sensitive information.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2024-20898

Use of implicit intent for sensitive communication in SoftphoneClient in IMS service prior to SMR Jul-2024 Release 1 allows local attackers to get sensitive information.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2024-20899

Use of implicit intent for sensitive communication in RCS function in IMS service prior to SMR Jul-2024 Release 1 allows local attackers to get sensitive information.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2024-20900

Improper authentication in MTP application prior to SMR Jul-2024 Release 1 allows local attackers to enter MTP mode without proper authentication.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N 1.4 2.5

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2024-20901

Improper input validation in copying data to buffer cache in libsaped prior to SMR Jul-2024 Release 1 allows local attackers to write out-of-bounds memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.9 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 2.5 3.4

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2024-23769

Improper privilege control for the named pipe in Samsung Magician PC Software 8.0.0 (for Windows) allows a local attacker to read privileged data.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 7.3 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H 1.3 5.9

Products Affected

Vendor Product Version
samsung magician 8.0.0
CVE-2024-25073

An issue was discovered in Samsung Semiconductor Mobile Processor and Modem Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920, Exynos W930, Exynos Modem 5123, Exynos Modem 5300. The baseband software does not properly check a pointer specified by the CC (Call Control module), which can lead to Denial of Service (Untrusted Pointer Dereference).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 5.9 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H 2.2 3.6

Products Affected

Vendor Product Version
samsung exynos_w930_firmware -
samsung exynos_9820_firmware -
samsung exynos_modem_5300_firmware -
samsung exynos_850_firmware -
samsung exynos_9825_firmware -
samsung exynos_modem_5123_firmware -
samsung exynos_9110_firmware -
samsung exynos_1330_firmware -
samsung exynos_1380_firmware -
samsung exynos_2200_firmware -
samsung exynos_2100_firmware -
samsung exynos_1080_firmware -
samsung exynos_990_firmware -
samsung exynos_w920_firmware -
samsung exynos_980_firmware -
samsung exynos_1280_firmware -
CVE-2024-25074

An issue was discovered in Samsung Semiconductor Mobile Processor and Modem Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920, Exynos W930, Exynos Modem 5123, Exynos Modem 5300. The baseband software does not properly check a pointer specified by the SM (Session Management module), which can lead to Denial of Service (Untrusted Pointer Dereference).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 5.9 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H 2.2 3.6

Products Affected

Vendor Product Version
samsung exynos_w930_firmware -
samsung exynos_9820_firmware -
samsung exynos_modem_5300_firmware -
samsung exynos_850_firmware -
samsung exynos_9825_firmware -
samsung exynos_modem_5123_firmware -
samsung exynos_9110_firmware -
samsung exynos_1330_firmware -
samsung exynos_1380_firmware -
samsung exynos_2200_firmware -
samsung exynos_2100_firmware -
samsung exynos_1080_firmware -
samsung exynos_990_firmware -
samsung exynos_w920_firmware -
samsung exynos_980_firmware -
samsung exynos_1280_firmware -
CVE-2024-27360

A vulnerability was discovered in Samsung Mobile Processors Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, and Exynos W930 where they do not properly check length of the data, which can lead to a Denial of Service.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 6.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H 0.8 5.2

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_w930_firmware -
samsung exynos_2200_firmware -
samsung exynos_2100_firmware -
samsung exynos_850_firmware -
samsung exynos_1080_firmware -
samsung exynos_1330_firmware -
samsung exynos_1280_firmware -
CVE-2024-27361

A vulnerability was discovered in Samsung Mobile Processor Exynos 980, Exynos 990, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, and Exynos 2400 that involves a time-of-check to time-of-use (TOCTOU) race condition, which can lead to a Denial of Service.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 5.1 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H 0.8 4.2

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_2200_firmware -
samsung exynos_2100_firmware -
samsung exynos_1080_firmware -
samsung exynos_990_firmware -
samsung exynos_2400_firmware -
samsung exynos_980_firmware -
samsung exynos_1280_firmware -
CVE-2024-27362

A vulnerability was discovered in Samsung Mobile Processors Exynos 1280, Exynos 2200, Exynos 1330, Exynos 1380, and Exynos 2400 where they do not properly check the length of the data, which can lead to a Information disclosure.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 4.4 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N 0.8 3.6

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_2200_firmware -
samsung exynos_2400_firmware -
samsung exynos_1330_firmware -
samsung exynos_1280_firmware -
CVE-2024-27364

An issue was discovered in Mobile Processor, Wearable Processor Exynos 980, Exynos 850, Exynos 1080, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 1480, Exynos W920, Exynos W930. In the function slsi_rx_roamed_ind(), there is no input validation check on a length coming from userspace, which can lead to a potential heap over-read.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 4.4 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N 0.8 3.6
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_w930_firmware -
samsung exynos_1480_firmware -
samsung exynos_850_firmware -
samsung exynos_1080_firmware -
samsung exynos_w920_firmware -
samsung exynos_980_firmware -
samsung exynos_1330_firmware -
samsung exynos_1280_firmware -
CVE-2024-27366

An issue was discovered in Samsung Mobile Processor, Wearable Processor Exynos Exynos 980, Exynos 850, Exynos 1080, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 1480, Exynos W920, Exynos W930. In the function slsi_rx_scan_done_ind(), there is no input validation check on a length coming from userspace, which can lead to a potential heap over-read.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 4.4 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N 0.8 3.6
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_w930_firmware -
samsung exynos_1480_firmware -
samsung exynos_850_firmware -
samsung exynos_1080_firmware -
samsung exynos_w920_firmware -
samsung exynos_980_firmware -
samsung exynos_1330_firmware -
samsung exynos_1280_firmware -
CVE-2024-27367

An issue was discovered in Samsung Mobile Processor Exynos Wearable Processor Exynos 980, Exynos 850, Exynos 1080, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 1480, Exynos W920, Exynos W930. In the function slsi_rx_scan_ind(), there is no input validation check on a length coming from userspace, which can lead to integer overflow and a potential heap over-read.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6
cve@mitre.org 4.4 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N 0.8 3.6

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_w930_firmware -
samsung exynos_1480_firmware -
samsung exynos_850_firmware -
samsung exynos_1080_firmware -
samsung exynos_w920_firmware -
samsung exynos_980_firmware -
samsung exynos_1330_firmware -
samsung exynos_1280_firmware -
CVE-2024-27368

An issue was discovered in Samsung Mobile Processor Exynos Mobile Processor, Wearable Processor Exynos 980, Exynos 850, Exynos 1080, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 1480, Exynos W920, Exynos W930. In the function slsi_rx_received_frame_ind(), there is no input validation check on a length coming from userspace, which can lead to a potential heap over-read.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6
cve@mitre.org 4.4 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N 0.8 3.6

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_w930_firmware -
samsung exynos_1480_firmware -
samsung exynos_850_firmware -
samsung exynos_1080_firmware -
samsung exynos_w920_firmware -
samsung exynos_980_firmware -
samsung exynos_1330_firmware -
samsung exynos_1280_firmware -
CVE-2024-27370

An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_nan_config_get_nl_params(), there is no input validation check on hal_req->num_config_discovery_attr coming from userspace, which can lead to a heap overwrite.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 6.7 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 0.8 5.9

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_850_firmware -
samsung exynos_980_firmware -
samsung exynos_1330_firmware -
samsung exynos_1280_firmware -
CVE-2024-27371

An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_nan_followup_get_nl_params(), there is no input validation check on hal_req->service_specific_info_len coming from userspace, which can lead to a heap overwrite.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 6.7 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 0.8 5.9

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_850_firmware -
samsung exynos_980_firmware -
samsung exynos_1330_firmware -
samsung exynos_1280_firmware -
CVE-2024-27372

An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_nan_config_get_nl_params(), there is no input validation check on disc_attr->infrastructure_ssid_len coming from userspace, which can lead to a heap overwrite.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 6.7 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 0.8 5.9

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_850_firmware -
samsung exynos_980_firmware -
samsung exynos_1330_firmware -
samsung exynos_1280_firmware -
CVE-2024-27373

An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_nan_config_get_nl_params(), there is no input validation check on disc_attr->mesh_id_len coming from userspace, which can lead to a heap overwrite.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 6.7 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 0.8 5.9

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_850_firmware -
samsung exynos_980_firmware -
samsung exynos_1330_firmware -
samsung exynos_1280_firmware -
CVE-2024-27374

An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_nan_publish_get_nl_params(), there is no input validation check on hal_req->service_specific_info_len coming from userspace, which can lead to a heap overwrite.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 6.7 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 0.8 5.9

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_850_firmware -
samsung exynos_980_firmware -
samsung exynos_1330_firmware -
samsung exynos_1280_firmware -
CVE-2024-27375

An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_nan_followup_get_nl_params(), there is no input validation check on hal_req->sdea_service_specific_info_len coming from userspace, which can lead to a heap overwrite.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 6.7 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 0.8 5.9

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_850_firmware -
samsung exynos_980_firmware -
samsung exynos_1330_firmware -
samsung exynos_1280_firmware -
CVE-2024-27376

An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_nan_subscribe_get_nl_params(), there is no input validation check on hal_req->rx_match_filter_len coming from userspace, which can lead to a heap overwrite.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 6.7 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 0.8 5.9

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_850_firmware -
samsung exynos_980_firmware -
samsung exynos_1330_firmware -
samsung exynos_1280_firmware -
CVE-2024-27377

An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_nan_get_security_info_nl(), there is no input validation check on sec_info->key_info.body.pmk_info.pmk_len coming from userspace, which can lead to a heap overwrite.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 6.7 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 0.8 5.9

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_850_firmware -
samsung exynos_980_firmware -
samsung exynos_1330_firmware -
samsung exynos_1280_firmware -
CVE-2024-27378

An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_send_action_frame_cert(), there is no input validation check on len coming from userspace, which can lead to a heap over-read.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 6.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H 0.8 5.2

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_850_firmware -
samsung exynos_980_firmware -
samsung exynos_1330_firmware -
samsung exynos_1280_firmware -
CVE-2024-27379

An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_nan_subscribe_get_nl_params(), there is no input validation check on hal_req->num_intf_addr_present coming from userspace, which can lead to a heap overwrite.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 6.7 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 0.8 5.9

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_850_firmware -
samsung exynos_980_firmware -
samsung exynos_1330_firmware -
samsung exynos_1280_firmware -
CVE-2024-27380

An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_set_delayed_wakeup_type(), there is no input validation check on a length of ioctl_args->args[i] coming from userspace, which can lead to a heap over-read.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 6.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H 0.8 5.2

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_850_firmware -
samsung exynos_980_firmware -
samsung exynos_1330_firmware -
samsung exynos_1280_firmware -
CVE-2024-27381

An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_send_action_frame_ut(), there is no input validation check on len coming from userspace, which can lead to a heap over-read.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 6.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H 0.8 5.2

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_850_firmware -
samsung exynos_980_firmware -
samsung exynos_1330_firmware -
samsung exynos_1280_firmware -
CVE-2024-27382

An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_send_action_frame(), there is no input validation check on len coming from userspace, which can lead to a heap over-read.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 6.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H 0.8 5.2

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_850_firmware -
samsung exynos_980_firmware -
samsung exynos_1330_firmware -
samsung exynos_1280_firmware -
CVE-2024-27383

An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_get_scan_extra_ies(), there is no input validation check on default_ies coming from userspace, which can lead to a heap overwrite.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 6.7 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 0.8 5.9
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_w930_firmware -
samsung exynos_1480_firmware -
samsung exynos_850_firmware -
samsung exynos_1080_firmware -
samsung exynos_w920_firmware -
samsung exynos_980_firmware -
samsung exynos_1330_firmware -
samsung exynos_1280_firmware -
CVE-2024-27385

A vulnerability was discovered in the slsi_handle_nan_rx_event_log_ind function in Samsung Mobile Processor Exynos 1380 and Exynos 1480 related to no input validation check on tag_len for rx coming from userspace, which can lead to heap overwrite.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 6.7 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 0.8 5.9

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_1480_firmware -
CVE-2024-27386

A vulnerability was discovered in the slsi_handle_nan_rx_event_log_ind function in Samsung Mobile Processor Exynos 1380 and Exynos 1480 related to no input validation check on tag_len for tx coming from userspace, which can lead to heap overwrite.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 6.7 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 0.8 5.9

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_1480_firmware -
CVE-2024-27387

An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_rx_range_done_ind(), there is no input validation check on rtt_id coming from userspace, which can lead to a heap overwrite.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9
cve@mitre.org 6.7 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 0.8 5.9

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_w930_firmware -
samsung exynos_1480_firmware -
samsung exynos_850_firmware -
samsung exynos_1080_firmware -
samsung exynos_w920_firmware -
samsung exynos_980_firmware -
samsung exynos_1330_firmware -
samsung exynos_1280_firmware -
CVE-2024-28067

A vulnerability in Samsung Exynos Modem 5300 allows a Man-in-the-Middle (MITM) attacker to downgrade the security mode of packets going to the victim, enabling the attacker to send messages to the victim in plaintext.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 5.3 MEDIUM CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N 1.6 3.6

Products Affected

Vendor Product Version
samsung exynos_modem_5300_firmware -
CVE-2024-28068

A vulnerability was discovered in SS in Samsung Mobile Processor, Wearable Processor, and Modems with versions Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 2400, Exynos 9110, Exynos W920, Exynos W930, Exynos Modem 5123, and Exynos Modem 5300 that involves a NULL pointer dereference which can cause abnormal termination of a mobile phone via a manipulated packet.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 5.3 MEDIUM CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H 1.6 3.6

Products Affected

Vendor Product Version
samsung exynos_w930_firmware -
samsung exynos_9820_firmware -
samsung exynos_modem_5300_firmware -
samsung exynos_850_firmware -
samsung exynos_9825_firmware -
samsung exynos_modem_5123_firmware -
samsung exynos_9110_firmware -
samsung exynos_2400_firmware -
samsung exynos_1330_firmware -
samsung exynos_1380_firmware -
samsung exynos_2200_firmware -
samsung exynos_2100_firmware -
samsung exynos_1080_firmware -
samsung exynos_990_firmware -
samsung exynos_w920_firmware -
samsung exynos_980_firmware -
samsung exynos_1280_firmware -
CVE-2024-28818

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, Exynos 990, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 2400, Exynos Modem 5123, Exynos Modem 5300. The baseband software does not properly check states specified by the RRC (Radio Resource Control) module. This can lead to disclosure of sensitive information.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 5.9 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N 2.2 3.6

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_2200_firmware -
samsung exynos_2100_firmware -
samsung exynos_modem_5300_firmware -
samsung exynos_1080_firmware -
samsung exynos_990_firmware -
samsung exynos_modem_5123_firmware -
samsung exynos_2400_firmware -
samsung exynos_980_firmware -
samsung exynos_1330_firmware -
samsung exynos_1280_firmware -
CVE-2024-29152

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, Exynos 990, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 2400, Exynos Modem 5123, and Exynos Modem 5300. The baseband software does not properly check states specified by the RRC (Radio Resource Control) Reconfiguration message. This can lead to disclosure of sensitive information.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 5.9 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N 2.2 3.6

Products Affected

Vendor Product Version
samsung exynos_w930_firmware -
samsung exynos_modem_5300_firmware -
samsung exynos_auto_t5123_firmware -
samsung exynos_850_firmware -
samsung exynos_modem_5123_firmware -
samsung exynos_9110_firmware -
samsung exynos_2400_firmware -
samsung exynos_1330_firmware -
samsung exynos_1380_firmware -
samsung exynos_2200_firmware -
samsung exynos_2100_firmware -
samsung exynos_1080_firmware -
samsung exynos_990_firmware -
samsung exynos_w920_firmware -
samsung exynos_980_firmware -
samsung exynos_1280_firmware -
CVE-2024-29153

A vulnerability was discovered in Samsung Mobile Processor, Wearable Processor, and Modems with versions Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920, Exynos W930, Exynos Modem 5123, and Exynos Modem 5300 that involves incorrect authorization of LTE NAS messages and leads to downgrading to lower network generations and repeated DDOS.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 8.1 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 2.2 5.9

Products Affected

Vendor Product Version
samsung exynos_w930_firmware -
samsung exynos_9820_firmware -
samsung exynos_modem_5300_firmware -
samsung exynos_850_firmware -
samsung exynos_9825_firmware -
samsung exynos_modem_5123_firmware -
samsung exynos_9110_firmware -
samsung exynos_1330_firmware -
samsung exynos_1380_firmware -
samsung exynos_2200_firmware -
samsung exynos_2100_firmware -
samsung exynos_1080_firmware -
samsung exynos_990_firmware -
samsung exynos_w920_firmware -
samsung exynos_980_firmware -
samsung exynos_1280_firmware -
CVE-2024-31952

An issue was discovered in Samsung Magician 8.0.0 on macOS. Because symlinks are used during the installation process, an attacker can escalate privileges via arbitrary file permission writes. (The attacker must already have user privileges, and an administrator password must be entered during the program installation stage for privilege escalation.)

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 6.7 MEDIUM CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H 0.8 5.9

Products Affected

Vendor Product Version
samsung magician 8.0.0
CVE-2024-31953

An issue was discovered in Samsung Magician 8.0.0 on macOS. Because it is possible to tamper with the directory and executable files used during the installation process, an attacker can escalate privileges through arbitrary code execution. (The attacker must already have user privileges, and an administrator password must be entered during the program installation stage for privilege escalation.)

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 6.7 MEDIUM CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H 0.8 5.9

Products Affected

Vendor Product Version
samsung magician 8.0.0
CVE-2024-31956

An issue was discovered in Samsung Mobile Processor Exynos 2200, Exynos 1480, Exynos 2400. It lacks proper buffer length checking, which can result in an Out-of-Bounds Write.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 8.4 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 2.5 5.9

Products Affected

Vendor Product Version
samsung exynos_2200_firmware -
samsung exynos_1480_firmware -
samsung exynos_2400_firmware -
CVE-2024-31957

A vulnerability was discovered in Samsung Mobile Processors Exynos 2200 and Exynos 2400 where they lack a check for the validation of native handles, which can result in a DoS(Denial of Service) attack by unmapping an invalid length.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 6.2 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 2.5 3.6

Products Affected

Vendor Product Version
samsung exynos_2200_firmware -
samsung exynos_2400_firmware -
CVE-2024-31958

An issue was discovered in Samsung Mobile Processor EExynos 2200, Exynos 1480, Exynos 2400. It lacks a check for the validation of native handles, which can result in an Out-of-Bounds Write.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 6.8 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H 2.5 4.2

Products Affected

Vendor Product Version
samsung exynos_2200_firmware -
samsung exynos_1480_firmware -
samsung exynos_2400_firmware -
CVE-2024-31959

An issue was discovered in Samsung Mobile Processor Exynos 2200, Exynos 1480, Exynos 2400. It lacks a check for the validation of native handles, which can result in code execution.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 8.4 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 2.5 5.9

Products Affected

Vendor Product Version
samsung exynos_2200_firmware -
samsung exynos_1480_firmware -
samsung exynos_2400_firmware -
CVE-2024-32502

An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 850, Exynos 1080, Exynos 2100, Exynos 1280, Exynos 1380, Exynos 1330, Exynos W920, Exynos W930. The mobile processor lacks proper reference count checking, which can result in a UAF (Use-After-Free) vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 8.4 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 2.5 5.9

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_w930_firmware -
samsung exynos_2100_firmware -
samsung exynos_850_firmware -
samsung exynos_1080_firmware -
samsung exynos_w920_firmware -
samsung exynos_1330_firmware -
samsung exynos_1280_firmware -
CVE-2024-32503

An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 850, Exynos 1080, Exynos 2100, Exynos 1280, Exynos 1380, Exynos 1330, Exynos W920, Exynos W930. The mobile processor lacks proper memory deallocation checking, which can result in a UAF (Use-After-Free) vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 8.4 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 2.5 5.9

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_w930_firmware -
samsung exynos_2100_firmware -
samsung exynos_850_firmware -
samsung exynos_1080_firmware -
samsung exynos_w920_firmware -
samsung exynos_1330_firmware -
samsung exynos_1280_firmware -
CVE-2024-32504

An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 850, Exynos 1080, Exynos 2100, Exynos 1280, Exynos 1380, Exynos 1330, Exynos W920, Exynos W930. The mobile processor lacks proper length checking, which can result in an OOB (Out-of-Bounds) Write vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 8.4 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 2.5 5.9

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_w930_firmware -
samsung exynos_2100_firmware -
samsung exynos_850_firmware -
samsung exynos_1080_firmware -
samsung exynos_w920_firmware -
samsung exynos_1330_firmware -
samsung exynos_1280_firmware -
CVE-2024-32671

Heap-based Buffer Overflow vulnerability in Samsung Open Source Escargot JavaScript engine allows Overflow Buffers.This issue affects Escargot: 4.0.0.

Products Affected

Vendor Product Version
samsung escargot 4.0.0
CVE-2024-34583

Improper access control in system property prior to SMR Jul-2024 Release 1 allows local attackers to get device identifier.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2024-34585

Improper access control in launchApp of SystemUI prior to SMR Jul-2024 Release 1 allows local attackers to launch privileged activities.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2024-34586

Improper access control in KnoxCustomManagerService prior to SMR Jul-2024 Release 1 allows local attackers to configure Knox privacy policy.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.9 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 2.5 3.4

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2024-34587

Improper input validation in parsing application information from RTCP packet in librtp.so prior to SMR Jul-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 7.5 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H 1.6 5.9

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2024-34588

Improper input validation혻in parsing RTCP SR packet in librtp.so prior to SMR Jul-2024 Release 1 allows remote attackers to trigger temporary denial of service. User interaction is required for triggering this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.3 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H 1.6 3.6

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2024-34589

Improper input validation in parsing RTCP RR packet in librtp.so prior to SMR Jul-2024 Release 1 allows remote attackers to trigger temporary denial of service. User interaction is required for triggering this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.3 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H 1.6 3.6

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2024-34590

Improper input validation혻in parsing an item type from RTCP SDES packet in librtp.so prior to SMR Jul-2024 Release 1 allows remote attackers to trigger temporary denial of service. User interaction is required for triggering this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L 2.8 1.4
mobile.security@samsung.com 5.3 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H 1.6 3.6

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2024-34591

Improper input validation in parsing an item data from RTCP SDES packet in librtp.so prior to SMR Jul-2024 Release 1 allows remote attackers to trigger temporary denial of service. User interaction is required for triggering this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L 2.8 1.4
mobile.security@samsung.com 5.3 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H 1.6 3.6

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2024-34592

Improper input validation in parsing RTCP SDES packet in librtp.so prior to SMR Jul-2024 Release 1 allows remote attackers to trigger temporary denial of service. User interaction is required for triggering this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.3 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H 1.6 3.6
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L 2.8 1.4

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2024-34593

Improper input validation in parsing and distributing RTCP packet in librtp.so prior to SMR Jul-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9
mobile.security@samsung.com 7.5 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H 1.6 5.9

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2024-34594

Exposure of sensitive information in proc file system prior to SMR Jul-2024 Release 1 allows local attackers to read kernel memory address.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2024-34595

Improper access control in clickAdapterItem of SystemUI prior to SMR Jul-2024 Release 1 allows local attackers to launch privileged activities.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2024-34596

Improper authentication in SmartThings prior to version 1.8.17 allows remote attackers to bypass the expiration date for members set by the owner.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6
mobile.security@samsung.com 5.9 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H 2.2 3.6

Products Affected

Vendor Product Version
samsung smartthings *
CVE-2024-34597

Improper input validation in Samsung Health prior to version 6.27.0.113 allows local attackers to write arbitrary document files to the sandbox of Samsung Health. User interaction is required for triggering this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 1.8 1.4
mobile.security@samsung.com 4.4 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L 1.8 2.5

Products Affected

Vendor Product Version
samsung health *
CVE-2024-34598

Improper export of component in GoodLock prior to version 2.2.04.95 allows local attackers to install arbitrary applications from Galaxy Store.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 7.7 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H 2.5 5.2

Products Affected

Vendor Product Version
samsung good_lock *
CVE-2024-34599

Improper input validation in Tips prior to version 6.2.9.4 in Android 14 allows local attacker to send broadcast with Tips' privilege.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4

Products Affected

Vendor Product Version
samsung tips *
CVE-2024-34600

Improper verification of intent by broadcast receiver vulnerability in Samsung Flow prior to version 4.9.13.0 allows local attackers to copy image files to external storage.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4
mobile.security@samsung.com 4.4 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L 1.8 2.5

Products Affected

Vendor Product Version
samsung flow *
CVE-2024-34601

Improper verification of intent by broadcast receiver vulnerability in GalaxyStore prior to version 4.5.81.0 allows local attackers to launch unexported activities of GalaxyStore.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.9 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 2.5 3.4
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L 1.8 3.4

Products Affected

Vendor Product Version
samsung galaxy_store *
samsung galaxystore *
CVE-2024-34602

Use of implicit intent for sensitive communication in Samsung Messages prior to SMR Jul-2024 Release 1 allows local attackers to get sensitive information. User interaction is required for triggering this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N 1.8 1.4

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2024-34603

Improper access control in Samsung Message prior to SMR Jul-2024 Release 1 allows local attackers to access location data.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 13.0
CVE-2024-34662

Improper access control in ActivityManager prior to SMR Oct-2024 Release 1 in select Android 12, 13 and SMR Sep-2024 Release 1 in select Android 14 allows local attackers to execute privileged behaviors.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.2 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 2.5 3.6

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2024-34665

Out-of-bounds write in parsing h.264 format in librtppayload.so prior to SMR Oct-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 7.5 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H 1.6 5.9

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2024-34666

Out-of-bounds write in parsing h.264 format in a specific mode in librtppayload.so prior to SMR Oct-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 7.5 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H 1.6 5.9

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2024-34667

Out-of-bounds write in parsing h.265 format in librtppayload.so prior to SMR Oct-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 7.5 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H 1.6 5.9

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2024-34668

Out-of-bounds write in parsing h.263 format in librtppayload.so prior to SMR Oct-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 7.5 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H 1.6 5.9

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2024-34669

Out-of-bounds write in parsing h.263+ format in librtppayload.so prior to SMR Oct-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 7.5 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H 1.6 5.9

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2024-34670

Use of implicit intent for sensitive communication in Sound Assistant prior to version 6.1.0.9 allows local attackers to get sensitive information.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4

Products Affected

Vendor Product Version
samsung sound_assistant *
CVE-2024-34671

Use of implicit intent for sensitive communication in translation혻in Samsung Internet prior to version 26.0.3.1 allows local attackers to get sensitive information. User interaction is required for triggering this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N 1.8 1.4

Products Affected

Vendor Product Version
samsung internet *
CVE-2024-34672

Improper input validation in SamsungVideoPlayer prior to versions 7.3.29.1 in Android 12, 7.3.36.1 in Android 13, and 7.3.41.230 in Android 14 allows local attackers to access video file of other users.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung video_player *
CVE-2024-34674

Improper access control in Contacts prior to SMR Nov-2024 Release 1 allows physical attackers to access data across multiple user profiles.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.6 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 0.9 3.6

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2024-34675

Improper access control in Dex Mode prior to SMR Nov-2024 Release 1 allows physical attackers to temporarily access to unlocked screen.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 2.4 LOW CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 0.9 1.4

Products Affected

Vendor Product Version
samsung android 14.0
CVE-2024-34676

Out-of-bounds write in parsing subtitle file in libsubextractor.so prior to SMR Nov-2024 Release 1 allows local attackers to cause memory corruption. User interaction is required for triggering this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.4 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L 1.8 2.5

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2024-34677

Exposure of sensitive information in System UI prior to SMR Nov-2024 Release 1 allow local attackers to make malicious apps appear as legitimate.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2024-34678

Out-of-bounds write in libsapeextractor.so prior to SMR Nov-2024 Release 1 allows local attackers to cause memory corruption.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.9 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 2.5 3.4

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2024-34679

Incorrect default permissions in Crane prior to SMR Nov-2024 Release 1 allows local attackers to access files with phone privilege.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4

Products Affected

Vendor Product Version
samsung android 14.0
CVE-2024-34680

Use of implicit intent for sensitive communication in WlanTest prior to SMR Nov-2024 Release 1 allows local attackers to get sensitive information.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2024-36071

Samsung Magician 8.0.0 on Windows allows an admin to escalate privileges by tampering with the directory and DLL files used during the installation process. This occurs because of an Untrusted Search Path.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 6.3 MEDIUM CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H 0.3 5.9

Products Affected

Vendor Product Version
samsung magician 8.0.0
CVE-2024-39343

An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, Modem 5123, and Modem 5300. The baseband software does not properly check the length specified by the MM (Mobility Management) module, which can lead to Denial of Service.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 7.0 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H 2.2 4.7

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_2100_firmware -
samsung exynos_modem_5300_firmware -
samsung exynos_1480_firmware -
samsung exynos_modem_5123_firmware -
samsung exynos_9110_firmware -
samsung exynos_2400_firmware -
samsung exynos_1330_firmware -
samsung exynos_1280_firmware -
CVE-2024-39890

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300. The baseband software does not properly check the length specified by the CC (Call Control). This can lead to an Out-of-Bounds write.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 8.1 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 2.2 5.9

Products Affected

Vendor Product Version
samsung exynos_w930_firmware -
samsung exynos_9820_firmware -
samsung exynos_modem_5300_firmware -
samsung exynos_1480_firmware -
samsung exynos_850_firmware -
samsung exynos_9825_firmware -
samsung exynos_modem_5123_firmware -
samsung exynos_9110_firmware -
samsung exynos_2400_firmware -
samsung exynos_1330_firmware -
samsung exynos_1380_firmware -
samsung exynos_2200_firmware -
samsung exynos_2100_firmware -
samsung exynos_1080_firmware -
samsung exynos_w1000_firmware -
samsung exynos_990_firmware -
samsung exynos_w920_firmware -
samsung exynos_980_firmware -
samsung exynos_1280_firmware -
CVE-2024-44068

An issue was discovered in the m2m scaler driver in Samsung Mobile Processor and Wearable Processor Exynos 9820, 9825, 980, 990, 850,and W920. A Use-After-Free in the mobile processor leads to privilege escalation.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.1 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 2.2 5.9

Products Affected

Vendor Product Version
samsung exynos_9820_firmware -
samsung exynos_850_firmware -
samsung exynos_990_firmware -
samsung exynos_9825_firmware -
samsung exynos_w920_firmware -
samsung exynos_980_firmware -
CVE-2024-45183

An issue was discovered in Samsung Mobile Processor Exynos 2100, 1280, 2200, 1330, 1380, 1480, and 2400. A lack of a JPEG length check leads to an out-of-bound write.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 3.9 2.5

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_2200_firmware -
samsung exynos_2100_firmware -
samsung exynos_1480_firmware -
samsung exynos_2400_firmware -
samsung exynos_1330_firmware -
samsung exynos_1280_firmware -
CVE-2024-45184

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modems with chipset Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, Modem 5123, and Modem 5300. A USAT out-of-bounds write due to a heap buffer overflow can lead to a Denial of Service.

Products Affected

Vendor Product Version
samsung exynos_w930_firmware -
samsung exynos_9820_firmware -
samsung exynos_modem_5300_firmware -
samsung exynos_1480_firmware -
samsung exynos_850_firmware -
samsung exynos_9825_firmware -
samsung exynos_modem_5123_firmware -
samsung exynos_9110_firmware -
samsung exynos_2400_firmware -
samsung exynos_1330_firmware -
samsung exynos_1380_firmware -
samsung exynos_2200_firmware -
samsung exynos_2100_firmware -
samsung exynos_1080_firmware -
samsung exynos_990_firmware -
samsung exynos_w920_firmware -
samsung exynos_980_firmware -
samsung exynos_1280_firmware -
CVE-2024-45185

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, Modem 5123, Modem 5300. There is an out-of-bounds write due to a heap overflow in the GPRS protocol.

Products Affected

Vendor Product Version
samsung exynos_w930_firmware -
samsung exynos_9820_firmware -
samsung exynos_modem_5300_firmware -
samsung exynos_1480_firmware -
samsung exynos_850_firmware -
samsung exynos_9825_firmware -
samsung exynos_modem_5123_firmware -
samsung exynos_9110_firmware -
samsung exynos_2400_firmware -
samsung exynos_1330_firmware -
samsung exynos_1380_firmware -
samsung exynos_2200_firmware -
samsung exynos_2100_firmware -
samsung exynos_1080_firmware -
samsung exynos_990_firmware -
samsung exynos_w920_firmware -
samsung exynos_980_firmware -
samsung exynos_1280_firmware -
CVE-2024-46919

An issue was discovered in Samsung Mobile Processor Exynos 9820, 9825, 980, 990, 850, 1080, 2100, and 1280. Lack of a length check leads to a stack out-of-bounds write at loadOutputBuffers.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 3.9 1.4

Products Affected

Vendor Product Version
samsung exynos_9820_firmware -
samsung exynos_2100_firmware -
samsung exynos_850_firmware -
samsung exynos_1080_firmware -
samsung exynos_990_firmware -
samsung exynos_9825_firmware -
samsung exynos_980_firmware -
samsung exynos_1280_firmware -
CVE-2024-46920

An issue was discovered in Samsung Mobile Processor Exynos 9820, 9825, 980, 990, 850, 1080, 2100, and 1280. Lack of a length check leads to a stack out-of-bounds write at loadInputBuffers.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 3.9 2.5

Products Affected

Vendor Product Version
samsung exynos_9820_firmware -
samsung exynos_2100_firmware -
samsung exynos_850_firmware -
samsung exynos_1080_firmware -
samsung exynos_990_firmware -
samsung exynos_9825_firmware -
samsung exynos_980_firmware -
samsung exynos_1280_firmware -
CVE-2024-46921

An issue was discovered in Samsung Mobile Processor and Modem Exynos 9820, 9825, 980, 990, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W1000, Modem 5123, Modem 5300, Modem 5400. UE does not limit the number of attempts for the RRC Setup procedure in the 5G SA, leading to a denial of service (battery-drain attack).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.5 MEDIUM CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 2.8 3.6

Products Affected

Vendor Product Version
samsung exynos_9820_firmware -
samsung exynos_modem_5300_firmware -
samsung exynos_1480_firmware -
samsung exynos_9825_firmware -
samsung exynos_modem_5123_firmware -
samsung exynos_9110_firmware -
samsung exynos_2400_firmware -
samsung exynos_1330_firmware -
samsung exynos_1380_firmware -
samsung exynos_2200_firmware -
samsung exynos_2100_firmware -
samsung exynos_modem_5400_firmware -
samsung exynos_1080_firmware -
samsung exynos_w1000_firmware -
samsung exynos_990_firmware -
samsung exynos_980_firmware -
samsung exynos_1280_firmware -
CVE-2024-46922

An issue was discovered in Samsung Mobile Processor Exynos 1480 and 2400. The absence of a null check leads to a Denial of Service at amdgpu_cs_parser_bos in the Xclipse Driver.

Products Affected

Vendor Product Version
samsung exynos_1480_firmware -
samsung exynos_2400_firmware -
CVE-2024-46923

An issue was discovered in Samsung Mobile Processor Exynos 2200, 1480, and 2400. The absence of a null check leads to a Denial of Service at amdgpu_cs_ib_fill in the Xclipse Driver.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
samsung exynos_2200_firmware -
samsung exynos_1480_firmware -
samsung exynos_2400_firmware -
CVE-2024-48883

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, and Modem 5300. The UE incorrectly handles a malformed uplink scheduling message, resulting in an information leak of the UE.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 4.3 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 0.9 3.4

Products Affected

Vendor Product Version
samsung exynos_w930_firmware -
samsung exynos_9820_firmware -
samsung exynos_modem_5300_firmware -
samsung exynos_1480_firmware -
samsung exynos_850_firmware -
samsung exynos_9825_firmware -
samsung exynos_modem_5123_firmware -
samsung exynos_9110_firmware -
samsung exynos_2400_firmware -
samsung exynos_1330_firmware -
samsung exynos_1380_firmware -
samsung exynos_2200_firmware -
samsung exynos_2100_firmware -
samsung exynos_1080_firmware -
samsung exynos_w1000_firmware -
samsung exynos_990_firmware -
samsung exynos_w920_firmware -
samsung exynos_980_firmware -
samsung exynos_1280_firmware -
CVE-2024-49196

An issue was discovered in the GPU in Samsung Mobile Processor Exynos 1480 and 2400. Type confusion leads to a Denial of Service.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
samsung exynos_1480_firmware -
samsung exynos_2400_firmware -
CVE-2024-49197

An issue was discovered in Wi-Fi in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, W920, W930, and W1000. Lack of a boundary check in STOP_KEEP_ALIVE_OFFLOAD leads to out-of-bounds access.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 3.9 2.5

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_w930_firmware -
samsung exynos_1480_firmware -
samsung exynos_850_firmware -
samsung exynos_1080_firmware -
samsung exynos_w1000_firmware -
samsung exynos_w920_firmware -
samsung exynos_980_firmware -
samsung exynos_1330_firmware -
samsung exynos_1280_firmware -
CVE-2024-49401

Improper input validation in Settings Suggestions prior to SMR Nov-2024 Release 1 allows local attackers to launch privileged activities.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.1 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 2.5 2.5

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 13.0
CVE-2024-49402

Improper input validation in Dressroom prior to SMR Nov-2024 Release 1 allow physical attackers to access data across multiple user profiles.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.6 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 0.9 3.6

Products Affected

Vendor Product Version
samsung android 14.0
CVE-2024-49410

Out-of-bounds write in libswmfextractor.so prior to SMR Dec-2024 Release 1 allows local attackers to execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.9 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 2.5 3.4

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2024-49411

Path Traversal in ThemeCenter prior to SMR Dec-2024 Release 1 allows physical attackers to copy apk files to arbitrary path with ThemeCenter privilege.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.3 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 0.7 3.6

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2024-49413

Improper Verification of Cryptographic Signature in SmartSwitch prior to SMR Dec-2024 Release 1 allows local attackers to install malicious applications.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 7.1 HIGH CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L 1.6 5.5

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 13.0
CVE-2024-49414

Authentication Bypass Using an Alternate Path in Dex Mode prior to SMR Dec-2024 Release 1 allows physical attackers to temporarily access to recent app list.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 2.4 LOW CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 0.9 1.4

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2024-49415

Out-of-bound write in libsaped.so prior to SMR Dec-2024 Release 1 allows remote attackers to execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 8.1 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 2.2 5.9

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2024-49416

Use of implicit intent for sensitive communication in SmartThings prior to version 1.8.21 allows local attackers to get sensitive information.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4

Products Affected

Vendor Product Version
samsung smartthings *
CVE-2024-49417

Use of implicit intent for sensitive communication in Smart Touch Call prior to 1.0.0.8 allows local attackers to launch privileged activities. User interaction is required for triggering this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 2.0 LOW CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N 0.6 1.4

Products Affected

Vendor Product Version
samsung smart_touch_call *
CVE-2024-49421

Path traversal in Quick Share Agent prior to version 3.5.14.47 in Android 12, 3.5.19.41 in Android 13, and 3.5.19.42 in Android 14 allows adjacent attackers to write file in arbitrary location.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.3 MEDIUM CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 2.8 1.4

Products Affected

Vendor Product Version
samsung quick_share *
CVE-2024-49422

Protection Mechanism Failure in bootloader prior to SMR Oct-2024 Release 1 allows physical attackers to reset lockscreen failure count by hardware fault injection. User interaction is required for triggering this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.2 MEDIUM CVSS:3.1/AV:P/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L 0.5 4.7

Products Affected

Vendor Product Version
samsung android 13.0
CVE-2024-50600

An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, W920, W930, and W1000. Lack of a boundary check in STOP_KEEP_ALIVE_OFFLOAD leads to out-of-bounds access. An attacker can send a malformed message to the target through the Wi-Fi driver.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_w930_firmware -
samsung exynos_1480_firmware -
samsung exynos_850_firmware -
samsung exynos_1080_firmware -
samsung exynos_w1000_firmware -
samsung exynos_w920_firmware -
samsung exynos_980_firmware -
samsung exynos_1330_firmware -
samsung exynos_1280_firmware -
CVE-2024-52923

An issue was discovered in NRMM in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. Lack of a boundary check during the decoding of DL NAS Transport messages leads to a Denial of Service.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
samsung exynos_w930_firmware -
samsung exynos_9820_firmware -
samsung exynos_modem_5300_firmware -
samsung exynos_1480_firmware -
samsung exynos_850_firmware -
samsung exynos_9825_firmware -
samsung exynos_modem_5123_firmware -
samsung exynos_9110_firmware -
samsung exynos_2400_firmware -
samsung exynos_1330_firmware -
samsung exynos_1380_firmware -
samsung exynos_2200_firmware -
samsung exynos_2100_firmware -
samsung exynos_modem_5400_firmware -
samsung exynos_1080_firmware -
samsung exynos_w1000_firmware -
samsung exynos_990_firmware -
samsung exynos_w920_firmware -
samsung exynos_980_firmware -
samsung exynos_1280_firmware -
CVE-2024-52924

An issue was discovered in NRMM in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. Lack of boundary check during the decoding of Registration Accept messages can lead to out-of-bounds writes on the stack

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
samsung exynos_w930_firmware -
samsung exynos_9820_firmware -
samsung exynos_modem_5300_firmware -
samsung exynos_1480_firmware -
samsung exynos_850_firmware -
samsung exynos_9825_firmware -
samsung exynos_modem_5123_firmware -
samsung exynos_9110_firmware -
samsung exynos_2400_firmware -
samsung exynos_1330_firmware -
samsung exynos_1380_firmware -
samsung exynos_2200_firmware -
samsung exynos_2100_firmware -
samsung exynos_modem_5400_firmware -
samsung exynos_1080_firmware -
samsung exynos_w1000_firmware -
samsung exynos_990_firmware -
samsung exynos_w920_firmware -
samsung exynos_980_firmware -
samsung exynos_1280_firmware -
CVE-2024-53921

An issue was discovered in the installer in Samsung Magician 8.1.0 on Windows. An attacker can create arbitrary folders in the system permission directory via a symbolic link during the installation process.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 2.8 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N 1.3 1.4

Products Affected

Vendor Product Version
samsung magician 8.1.0
CVE-2024-55568

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. The absence of a NULL check leads to a Denial of Service when an attacker sends malformed MM packets to the target.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
samsung exynos_w930_firmware -
samsung exynos_modem_5300_firmware -
samsung exynos_1480_firmware -
samsung exynos_850_firmware -
samsung exynos_modem_5123_firmware -
samsung exynos_9110_firmware -
samsung exynos_2400_firmware -
samsung exynos_1330_firmware -
samsung exynos_1380_firmware -
samsung exynos_2200_firmware -
samsung exynos_2100_firmware -
samsung exynos_modem_5400_firmware -
samsung exynos_1080_firmware -
samsung exynos_w1000_firmware -
samsung exynos_990_firmware -
samsung exynos_w920_firmware -
samsung exynos_980_firmware -
samsung exynos_1280_firmware -
CVE-2024-55569

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. The lack of a length check leads to out-of-bounds writes.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
samsung exynos_w930_firmware -
samsung exynos_modem_5300_firmware -
samsung exynos_1480_firmware -
samsung exynos_850_firmware -
samsung exynos_modem_5123_firmware -
samsung exynos_9110_firmware -
samsung exynos_2400_firmware -
samsung exynos_1330_firmware -
samsung exynos_1380_firmware -
samsung exynos_2200_firmware -
samsung exynos_2100_firmware -
samsung exynos_1080_firmware -
samsung exynos_w1000_firmware -
samsung exynos_990_firmware -
samsung exynos_w920_firmware -
samsung exynos_980_firmware -
samsung exynos_1280_firmware -
CVE-2024-56426

An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, W920, W930, W1000. The lack of a length check leads to out-of-bounds writes via malformed USB packets to the target.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
samsung exynos_w930_firmware -
samsung exynos_1480_firmware -
samsung exynos_850_firmware -
samsung exynos_2400_firmware -
samsung exynos_1330_firmware -
samsung exynos_1380_firmware -
samsung exynos_2200_firmware -
samsung exynos_2100_firmware -
samsung exynos_1080_firmware -
samsung exynos_w1000_firmware -
samsung exynos_990_firmware -
samsung exynos_w920_firmware -
samsung exynos_980_firmware -
samsung exynos_1280_firmware -
CVE-2024-56427

An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. The lack of a length check leads to out-of-bounds access via malformed RRC packets to the target.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 3.9 2.5

Products Affected

Vendor Product Version
samsung exynos_w930_firmware -
samsung exynos_modem_5300_firmware -
samsung exynos_1480_firmware -
samsung exynos_850_firmware -
samsung exynos_modem_5123_firmware -
samsung exynos_9110_firmware -
samsung exynos_2400_firmware -
samsung exynos_1330_firmware -
samsung exynos_1380_firmware -
samsung exynos_2200_firmware -
samsung exynos_2100_firmware -
samsung exynos_modem_5400_firmware -
samsung exynos_1080_firmware -
samsung exynos_w1000_firmware -
samsung exynos_990_firmware -
samsung exynos_w920_firmware -
samsung exynos_980_firmware -
samsung exynos_1280_firmware -
CVE-2024-7399

Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1050 allows attackers to write arbitrary file as system authority.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
PSIRT@samsung.com 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
samsung magicinfo_9_server *
CVE-2025-0634

Use After Free vulnerability in Samsung Open Source rLottie allows Remote Code Inclusion.This issue affects rLottie: V0.2.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
samsung rlottie 0.2
CVE-2025-20881

Out-of-bounds write in accessing buffer storing the decoded video frames in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to execute arbitrary code with privilege. User interaction is required for triggering this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 7.0 HIGH CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H 1.0 5.9
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2025-20882

Out-of-bounds write in accessing uninitialized memory for svc1td in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to execute arbitrary code with privilege. User interaction is required for triggering this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 1.8 5.9
mobile.security@samsung.com 7.0 HIGH CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H 1.0 5.9

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2025-20883

Improper access control in SoundPicker prior to SMR Jan-2025 Release 1 allows physical attackers to access data across multiple user profiles.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.6 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 0.9 3.6
mobile.security@samsung.com 4.6 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 0.9 3.6

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2025-20884

Improper access control in Samsung Message prior to SMR Jan-2025 Release 1 allows physical attackers to access data across multiple user profiles.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.6 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 0.9 3.6
mobile.security@samsung.com 4.6 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 0.9 3.6

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2025-20885

Out-of-bounds write in softsim trustlet prior to SMR Jan-2025 Release 1 allows local privileged attackers to cause memory corruption.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.7 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 0.8 5.9
mobile.security@samsung.com 6.4 MEDIUM CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H 0.5 5.9

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2025-20886

Inclusion of sensitive information in test code in softsim trustlet prior to SMR Jan-2025 Release 1 allows local privileged attackers to get test key.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.4 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N 0.8 3.6
mobile.security@samsung.com 4.1 MEDIUM CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N 0.5 3.6

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2025-20887

Out-of-bounds read in accessing table used for svp8t in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to read arbitrary memory. User interaction is required for triggering this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.3 MEDIUM CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:L 1.0 4.2
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2025-20888

Out-of-bounds write in handling the block size for smp4vtd in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to execute arbitrary code with privilege. User interaction is required for triggering this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 1.8 5.9
mobile.security@samsung.com 7.0 HIGH CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H 1.0 5.9

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2025-20889

Out-of-bounds read in decoding malformed bitstream for smp4vtd in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to read arbitrary memory. User interaction is required for triggering this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.3 MEDIUM CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:L 1.0 4.2
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2025-20890

Out-of-bounds write in decoding frame buffer in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to execute arbitrary code with privilege. User interaction is required for triggering this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 1.8 5.9
mobile.security@samsung.com 7.0 HIGH CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H 1.0 5.9

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2025-20891

Out-of-bounds read in decoding malformed bitstream of video thumbnails in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to read arbitrary memory. User interaction is required for triggering this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 1.8 3.6
mobile.security@samsung.com 5.3 MEDIUM CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:L 1.0 4.2

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2025-20892

Protection Mechanism Failure in bootloader prior to SMR Jan-2025 Release 1 allows physical attackers to allow to execute fastboot command. User interaction is required for triggering this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.9 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N 0.7 5.2
nvd@nist.gov 5.9 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N 0.7 5.2

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 13.0
CVE-2025-20893

Improper access control in NotificationManager prior to SMR Jan-2025 Release 1 allows local attackers to change the configuration of notifications.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.1 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L 2.5 2.5
nvd@nist.gov 5.1 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L 2.5 2.5

Products Affected

Vendor Product Version
samsung android 14.0
CVE-2025-20894

Improper access control in Samsung Email prior to version 6.1.97.1 allows physical attackers to access data across multiple user profiles.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.6 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 0.9 3.6

Products Affected

Vendor Product Version
samsung email *
CVE-2025-20895

Authentication Bypass Using an Alternate Path in Galaxy Store prior to version 4.5.87.6 allows physical attackers to install arbitrary applications to bypass restrictions of Setupwizard.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 3.2 LOW CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N 0.7 2.5

Products Affected

Vendor Product Version
samsung galaxy_store *
CVE-2025-20896

Use of implicit intent for sensitive communication in EasySetup prior to version 11.1.18 allows local attackers to access sensitive information.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4

Products Affected

Vendor Product Version
samsung easysetup *
CVE-2025-20898

Improper input validation in Samsung Members prior to version 5.2.00.12 allows physical attackers to access data across multiple user profiles.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.6 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 0.9 3.6

Products Affected

Vendor Product Version
samsung members *
CVE-2025-20900

Out-of-bounds write in Blockchain Keystore prior to version 1.3.16.5 allows local privileged attackers to write out-of-bounds memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.3 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L 0.8 5.5

Products Affected

Vendor Product Version
samsung blockchain_keystore *
CVE-2025-20901

Out-of-bounds read in Blockchain Keystore prior to version 1.3.16.5 allows local privileged attackers to read out-of-bounds memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.4 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N 0.8 3.6

Products Affected

Vendor Product Version
samsung blockchain_keystore *
CVE-2025-20903

Improper access control in SecSettingsIntelligence prior to SMR Mar-2025 Release 1 allows local attackers to launch privileged activities. User interaction is required for triggering this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 7.3 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H 1.3 5.9

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 15.0
samsung android 13.0
CVE-2025-20904

Out-of-bounds write in mPOS TUI trustlet prior to SMR Feb-2025 Release 1 allows local privileged attackers to cause memory corruption.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.7 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 0.8 5.9
mobile.security@samsung.com 6.3 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L 0.8 5.5

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2025-20905

Out-of-bounds read and write in mPOS TUI trustlet prior to SMR Feb-2025 Release 1 allows local privileged attackers to read and write out-of-bounds memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.3 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L 0.8 5.5
nvd@nist.gov 6.7 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 0.8 5.9

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2025-20907

Improper privilege management in Samsung Find prior to SMR Feb-2025 Release 1 allows local privileged attackers to disable Samsung Find.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H 1.5 4.0
nvd@nist.gov 4.4 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 0.8 3.6

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 12.0
samsung android 13.0
CVE-2025-20908

Use of insufficiently random values in Auracast prior to SMR Mar-2025 Release 1 allows adjacent attackers to access Auracast broadcasting.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.5 MEDIUM CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 2.8 3.6

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
CVE-2025-20909

Use of implicit intent for sensitive communication in Settings prior to SMR Mar-2025 Release 1 allows local attackers to access sensitive information.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4

Products Affected

Vendor Product Version
samsung android 14.0
CVE-2025-20910

Incorrect default permission in Galaxy Watch Gallery prior to SMR Mar-2025 Release 1 allows local attackers to access data in Galaxy Watch Gallery.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.2 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 2.5 3.6

Products Affected

Vendor Product Version
samsung wear_os 5.0
CVE-2025-20911

Improper access control in sem_wifi service prior to SMR Mar-2025 Release 1 allows privileged local attackers to update MAC address of Galaxy Watch.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.4 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N 0.8 3.6

Products Affected

Vendor Product Version
samsung wear_os 5.0
CVE-2025-20912

Incorrect default permission in DiagMonAgent prior to SMR Mar-2025 Release 1 allows local attackers to access data within Galaxy Watch.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.2 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 2.5 3.6

Products Affected

Vendor Product Version
samsung wear_os 5.0
CVE-2025-20913

Out-of-bounds read in applying binary of drawing content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung notes *
CVE-2025-20914

Out-of-bounds read in applying binary of hand writing content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung notes *
CVE-2025-20915

Out-of-bounds read in applying binary of voice content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung notes *
CVE-2025-20916

Out-of-bounds read in reading string of SPen in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung notes *
CVE-2025-20917

Out-of-bounds read in applying binary of pdf content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung notes *
CVE-2025-20918

Out-of-bounds read in applying extra data of base content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung notes *
CVE-2025-20919

Out-of-bounds read in applying binary of video content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung notes *
CVE-2025-20920

Out-of-bounds read in action link data in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung notes *
CVE-2025-20921

Out-of-bounds read in applying binary of text content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung notes *
CVE-2025-20922

Out-of-bounds read in appending text paragraph in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung notes *
CVE-2025-20924

Improper access control in Samsung Notes prior to version 4.4.26.71 allows physical attackers to access data across multiple user profiles.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.6 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 0.9 3.6

Products Affected

Vendor Product Version
samsung notes *
CVE-2025-20925

Out-of-bounds read in applying binary of text data in Samsung Notes prior to version 4.4.26.71 allows local attackers to potentially read memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung notes *
CVE-2025-20926

Improper export of Android application components in My Files prior to version 15.0.07.5 in Android 14 allows local attackers to access files with My Files' privilege.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung myfiles *
CVE-2025-20927

Out-of-bounds read in parsing image data in Samsung Notes prior to vaersion 4.4.26.71 allows local attackers to access out-of-bounds memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung notes *
CVE-2025-20928

Out-of-bounds read in parsing wbmp image in Samsung Notes prior to vaersion 4.4.26.71 allows local attackers to access out-of-bounds memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung notes *
CVE-2025-20929

Out-of-bounds write in parsing jpeg image in Samsung Notes prior to version 4.4.26.71 allows local attackers to execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 7.3 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L 2.5 4.7

Products Affected

Vendor Product Version
samsung notes *
CVE-2025-20930

Out-of-bounds read in parsing jpeg image in Samsung Notes prior to version 4.4.26.71 allows local attackers to read out-of-bounds memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung notes *
CVE-2025-20931

Out-of-bounds write in parsing bmp image in Samsung Notes prior to version 4.4.26.71 allows local attackers to execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 7.3 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L 2.5 4.7

Products Affected

Vendor Product Version
samsung notes *
CVE-2025-20932

Out-of-bounds read in parsing rle of bmp image in Samsung Notes prior to version 4.4.26.71 allows local attackers to혻read out-of-bounds memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung notes *
CVE-2025-20933

Out-of-bounds read in parsing bmp image in Samsung Notes prior to version 4.4.26.71 allows local attackers to read out-of-bounds memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung notes *
CVE-2025-20934

Improper access control in Sticker Center prior to SMR Apr-2025 Release 1 allows local attackers to access image files with system privilege.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung android *
samsung android 14.0
CVE-2025-20936

Improper access control in HDCP trustlet prior to SMR Apr-2025 Release 1 allows local attackers with shell privilege to escalate their privileges to root.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9
mobile.security@samsung.com 8.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H 2.0 6.0

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 13.0
CVE-2025-20937

Out-of-bounds write in Keymaster trustlet prior to SMR May-2025 Release 1 allows local privileged attackers to write out-of-bounds memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.7 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 0.8 5.9
mobile.security@samsung.com 6.7 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 0.8 5.9

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 13.0
CVE-2025-20939

Improper authorization in wireless download protocol in Galaxy Watch prior to SMR Apr-2025 Release 1 allows physical attackers to update device unique identifier of Watch devices.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.4 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L 0.7 4.7

Products Affected

Vendor Product Version
samsung wear_os 5.0
CVE-2025-20941

Improper access control in InputManager to SMR Apr-2025 Release 1 allows local attackers to access the scancode of specific input device.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.2 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 2.5 3.6
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 13.0
CVE-2025-20942

Improper Verification of Intent by Broadcast Receiver in DeviceIdService prior to SMR Apr-2025 Release 1 allows local attackers to reset OAID.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.4 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L 1.8 2.5

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 13.0
CVE-2025-20943

Out-of-bounds write in secfr trustlet prior to SMR Apr-2025 Release 1 allows local privileged attackers to cause memory corruption.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.4 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 0.8 3.6
mobile.security@samsung.com 6.4 MEDIUM CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H 0.5 5.9

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 13.0
CVE-2025-20944

Out-of-bounds read in parsing audio data in libsavsac.so prior to SMR Apr-2025 Release 1 allows local attackers to read out-of-bounds memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.1 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H 1.8 5.2
mobile.security@samsung.com 6.2 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 2.5 3.6

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 13.0
CVE-2025-20945

Improper access control in Galaxy Watch prior to SMR Apr-2025 Release 1 allows local attackers to access sensitive information of Galaxy watch.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4
nvd@nist.gov 6.2 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 2.5 3.6

Products Affected

Vendor Product Version
samsung wear_os 5.0
CVE-2025-20946

Improper handling of exceptional conditions in pairing specific bluetooth devices in Galaxy Watch Bluetooth pairing prior to SMR Apr-2025 Release 1 allows local attackers to pair with specific bluetooth devices without user interaction.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 8.8 HIGH CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
samsung wear_os 5.0
CVE-2025-20947

Improper handling of insufficient permission or privileges in ClipboardService prior to SMR Apr-2025 Release 1 allows local attackers to access image files across multiple users. User interaction is required for triggering this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 13.0
CVE-2025-20948

Out-of-bounds read in enrollment with cdsp frame secfr trustlet prior to SMR Apr-2025 Release 1 allows local privileged attackers to read out-of-bounds memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.1 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H 1.8 5.2
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 13.0
CVE-2025-20949

Path traversal vulnerability in Samsung Members prior to version 5.0.00.11 allows attackers to read and write arbitrary file with the privilege of Samsung Members.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.1 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 2.5 2.5

Products Affected

Vendor Product Version
samsung members *
CVE-2025-20950

Use of implicit intent for sensitive communication in SamsungNotes prior to version 4.4.26.45 allows local attackers to access sensitive information.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung notes *
CVE-2025-20951

Improper verification of intent by broadcast receiver vulnerability in Galaxy Store prior to version 4.5.90.7 allows local attackers to write arbitrary files with the privilege of Galaxy Store.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.1 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L 2.5 2.5
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung galaxy_store *
CVE-2025-20952

Improper access control in Mdecservice prior to SMR Apr-2025 Release 1 allows local attackers to access arbitrary files with system privilege.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung android 15.0
CVE-2025-20953

Improper access control in SmartManagerCN prior to SMR May-2025 Release 1 allows local attackers to launch activities within SmartManagerCN.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.1 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 2.5 2.5
nvd@nist.gov 4.4 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N 1.8 2.5

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 13.0
CVE-2025-20954

Use of implicit intent for sensitive communication in EnrichedCall prior to SMR May-2025 Release 1 allows local attackers to access sensitive information. User interaction is required for triggering this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 1.8 3.6
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 13.0
CVE-2025-20955

Improper Export of Android Application Components in NotificationHistoryImageProvider prior to SMR May-2025 Release 1 allows local attackers to access notification images.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 13.0
CVE-2025-20956

Improper export of android application components in Settings in Galaxy Watch prior to SMR May-2025 Release 1 allows physical attackers to access developer settings.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.3 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 0.7 3.6

Products Affected

Vendor Product Version
samsung wear_os 5.0
CVE-2025-20957

Improper access control in SmartManagerCN prior to SMR May-2025 Release 1 allows local attackers to launch arbitrary activities with SmartManagerCN privilege.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 7.3 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L 2.5 4.7
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 13.0
CVE-2025-20958

Improper verification of intent by broadcast receiver in UnifiedWFC prior to SMR May-2025 Release 1 allows local attackers to manipulate VoWiFi related behaviors.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.4 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L 1.8 2.5
mobile.security@samsung.com 4.4 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L 1.8 2.5

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 13.0
CVE-2025-20959

Use of implicit intent for sensitive communication in Wi-Fi P2P service prior to SMR May-2025 Release 1 allows local attackers to access sensitive information.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.1 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 2.5 2.5
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 13.0
CVE-2025-20960

Improper handling of insufficient permission in CocktailBarService prior to SMR May-2025 Release 1 allows local attackers to use the privileged api.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N 1.8 1.4
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 2.5 1.4

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 13.0
CVE-2025-20961

Improper handling of insufficient permission or privileges in sepunion service prior to SMR May-2025 Release 1 allows local privileged attackers to access files with system privilege.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 13.0
CVE-2025-20962

Improper handling of insufficient permission in SpenGesture service prior to SMR May-2025 Release 1 allows local attackers to track the S Pen position.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4
nvd@nist.gov 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 13.0
CVE-2025-20963

Out-of-bounds write in memory initialization in libsavsvc.so prior to SMR May-2025 Release 1 allows local attackers to write out-of-bounds memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.6 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L 1.8 4.7
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 13.0
CVE-2025-20964

Out-of-bounds write in parsing media files in libsavsvc.so prior to SMR May-2025 Release 1 allows local attackers to write out-of-bounds memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 1.8 5.9
mobile.security@samsung.com 6.6 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L 1.8 4.7

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 13.0
CVE-2025-20965

Improper handling of insufficient permission in Bixby wakeup prior to version 2.3.74.8 allows local attackers to access sensitive data.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.2 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 2.5 3.6

Products Affected

Vendor Product Version
samsung bixby *
CVE-2025-20966

Improper access control in Samsung Gallery prior to version 14.5.10.3 in Global Android 13, 14.5.09.3 in China Android 13, and 15.5.04.5 in Android 14 allows physical attackers to access data across multiple user profiles.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.6 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 0.9 3.6

Products Affected

Vendor Product Version
samsung gallery *
CVE-2025-20967

Improper access control in Samsung Gallery prior to version 14.5.10.3 in Global Android 13, 14.5.09.3 in China Android 13, and 15.5.04.5 in Android 14 allows attackers to read and write arbitrary file with the privilege of Samsung Gallery.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.1 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 2.5 2.5

Products Affected

Vendor Product Version
samsung gallery *
CVE-2025-20968

Improper access control in Samsung Gallery prior to version 14.5.10.3 in Global Android 13, 14.5.09.3 in China Android 13, and 15.5.04.5 in Android 14 allows remote attackers to access data and perform internal operations within Samsung Gallery.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N 3.9 2.7

Products Affected

Vendor Product Version
samsung gallery *
CVE-2025-20969

Improper input validation in Samsung Gallery prior to version 14.5.10.3 in Global Android 13, 14.5.09.3 in China Android 13, and 15.5.04.5 in Android 14 allows local attackers to access data within Samsung Gallery.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung gallery *
CVE-2025-20971

Improper input validation in Samsung Flow prior to version 4.9.17.6 allows local attackers to access data within Samsung Flow.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung flow *
CVE-2025-20972

Improper verification of intent by broadcast receiver in Samsung Flow prior to version 4.9.17.6 allows local attackers to modify Samsung Flow configuration.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N 1.8 3.6
mobile.security@samsung.com 6.2 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 2.5 3.6

Products Affected

Vendor Product Version
samsung flow *
CVE-2025-20976

Out-of-bounds read in applying binary of text content in Samsung Notes prior to version 4.4.29.23 allows attackers to read out-of-bounds memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung notes *
CVE-2025-20977

Use of implicit intent for sensitive communication in translation in Samsung Notes prior to version 4.4.29.23 allows local attackers to get sensitive information. User interaction is required for triggering this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N 1.8 1.4

Products Affected

Vendor Product Version
samsung notes *
CVE-2025-20981

Improper access control in AudioService prior to SMR Jun-2025 Release 1 allows local attackers to access sensitive information.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.2 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 2.5 3.6

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 13.0
CVE-2025-20982

Out-of-bounds write in setting auth secret in KnoxVault trustlet prior to SMR Jul-2025 Release 1 allows local privileged attackers to write out-of-bounds memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.7 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 0.8 5.9
mobile.security@samsung.com 6.4 MEDIUM CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H 0.5 5.9

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
CVE-2025-20983

Out-of-bounds write in checking auth secret in KnoxVault trustlet prior to SMR Jul-2025 Release 1 allows local privileged attackers to write out-of-bounds memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.4 MEDIUM CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H 0.5 5.9
nvd@nist.gov 6.7 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 0.8 5.9

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
CVE-2025-20984

Incorrect default permission in Samsung Cloud for Galaxy Watch prior to SMR Jun-2025 Release 1 allows local attackers to access data in Samsung Cloud for Galaxy Watch.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.8 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N 2.5 4.2

Products Affected

Vendor Product Version
samsung wear_os 5.0
CVE-2025-20985

Improper privilege management in ThemeManager prior to SMR Jun-2025 Release 1 allows local privileged attackers to reuse trial items.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 13.0
CVE-2025-20986

Improper access control in ScreenCapture for Galaxy Watch prior to SMR Jun-2025 Release 1 allows local attackers to take screenshots.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung wear_os 5.0
CVE-2025-20987

Improper access control in fingerprint trustlet prior to SMR May-2025 Release 1 allows local privileged attackers to get a auth_token.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.2 MEDIUM CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:L/A:L 0.5 4.7

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 13.0
CVE-2025-20988

Out-of-bounds read in fingerprint trustlet prior to SMR May-2025 Release 1 allows local privileged attackers to read out-of-bounds memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 13.0
CVE-2025-20989

Improper logging in fingerprint trustlet prior to SMR May-2025 Release 1 allows local privileged attackers to get a hmac_key.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.2 MEDIUM CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:L/A:L 0.5 4.7

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 13.0
CVE-2025-20990

Improper access control in accessing system device node prior to SMR Aug-2025 Release 1 allows local attackers to access device identifier.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 13.0
CVE-2025-20991

Improper export of Android application components in Bluetooth prior to SMR Jun-2025 Release 1 allows local attackers to make devices discoverable.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 2.5 1.4

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 13.0
CVE-2025-20992

Out-of-bound read in libsecimaging.camera.samsung.so prior to SMR Feb-2025 Release 1 allows local attackers to read out-of-bounds memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 13.0
CVE-2025-20993

Out-of-bounds write in libsecimaging.camera.samsung.so prior to SMR Jun-2025 Release 1 allows local attackers to write out-of-bounds memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 2.5 1.4

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 13.0
CVE-2025-20994

Improper handling of insufficient permission in SyncClientProvider in Samsung Internet installed on non-Samsung Device prior to version 28.0.0.59 allows local attackers to access read and write arbitrary files.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.5 MEDIUM CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L 1.0 3.4

Products Affected

Vendor Product Version
samsung internet *
CVE-2025-20995

Improper handling of insufficient permission in ClientProvider in Samsung Internet installed on non-Samsung Device prior to version 28.0.0.59 allows local attackers to read and write arbitrary files.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.9 MEDIUM CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L 1.4 3.4

Products Affected

Vendor Product Version
samsung internet *
CVE-2025-20996

Improper authorization in Smart Switch installed on non-Samsung Device prior to version 3.7.64.10 allows local attackers to read data with the privilege of Smart Switch. User interaction is required for triggering this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N 1.3 3.6

Products Affected

Vendor Product Version
samsung smart_switch *
CVE-2025-20997

Incorrect default permission in Framework for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to reset some configuration of Galaxy Watch.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.2 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 2.5 3.6

Products Affected

Vendor Product Version
samsung wear_os 5.0
CVE-2025-20998

Improper access control in SamsungAccount for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to access phone number.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung wear_os 5.0
CVE-2025-20999

Improper authorization in accessing saved Wi-Fi password for Galaxy Tablet prior to SMR Jul-2025 Release 1 allows secondary users to access owner's saved Wi-Fi password.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 2.1 LOW CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 0.7 1.4
mobile.security@samsung.com 4.1 MEDIUM CVSS:3.1/AV:P/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N 0.5 3.6

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 13.0
CVE-2025-21000

Improper privilege management in Bluetooth prior to SMR Jul-2025 Release 1 allows local attackers to enable Bluetooth.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N 1.8 1.4
mobile.security@samsung.com 6.2 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 2.5 3.6

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 13.0
CVE-2025-21001

Improper access control in LeAudioService prior to SMR Jul-2025 Release 1 allows local attackers to stop broadcasting Auracast.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.2 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 2.5 3.6
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
CVE-2025-21002

Improper access control in LeAudioService prior to SMR Jul-2025 Release 1 allows local attackers to manipulate broadcasting Auracast.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.2 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 2.5 3.6

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
CVE-2025-21003

Insecure storage of sensitive information in Emergency SOS prior to SMR Jul-2025 Release 1 allows local attackers to access sensitive information.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 13.0
CVE-2025-21004

Improper verification of intent by broadcast receiver in System UI for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to power off the device.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.2 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 2.5 3.6

Products Affected

Vendor Product Version
samsung wear_os 5.0
CVE-2025-21005

Improper access control in isemtelephony prior to Android 15 allows local attackers to access sensitive information.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung android *
CVE-2025-21006

Out-of-bounds write in handling of macro blocks for MPEG4 codec in libsavsvc.so prior to Android 15 allows local attackers to write out-of-bounds memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9
mobile.security@samsung.com 7.0 HIGH CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H 1.0 5.9

Products Affected

Vendor Product Version
samsung android *
CVE-2025-21007

Out-of-bounds write in accessing uninitialized memory in libsavsvc.so prior to Android 15 allows local attackers to cause memory corruption.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 1.8 3.6

Products Affected

Vendor Product Version
samsung android *
CVE-2025-21008

Out-of-bounds read in decoding frame header in libsavsvc.so prior to Android 15 allows local attackers to cause memory corruption.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 1.8 3.6

Products Affected

Vendor Product Version
samsung android *
CVE-2025-21009

Out-of-bounds read in decoding malformed frame header in libsavsvc.so prior to Android 15 allows local attackers to cause memory corruption.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 1.8 3.6

Products Affected

Vendor Product Version
samsung android *
CVE-2025-21010

Improper privilege management in SamsungAccount prior to SMR Aug-2025 Release 1 allows local privileged attackers to deactivate Samsung account.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H 1.5 4.0

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 16.0
samsung android 13.0
CVE-2025-21014

Improper export of android application component in Emergency SoS prior to SMR Aug-2025 Release 1 allows local attackers to access sensitive information.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.3 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 0.7 3.6

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 13.0
CVE-2025-21015

Path Traversal in Document scanner prior to SMR Aug-2025 Release 1 allows local attackers to delete file with Document scanner's privilege.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 2.5 1.4

Products Affected

Vendor Product Version
samsung android 15.0
CVE-2025-21017

Out-of-bounds write in detaching crypto box in Blockchain Keystore prior to version 1.3.17.2 allows local privileged attackers to write out-of-bounds memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.3 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L 0.8 5.5
nvd@nist.gov 6.7 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 0.8 5.9

Products Affected

Vendor Product Version
samsung blockchain_keystore *
CVE-2025-21018

Out-of-bounds read in Blockchain Keystore prior to version 1.3.17.2 allows local privileged attackers to read out-of-bounds memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.4 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N 0.8 3.6

Products Affected

Vendor Product Version
samsung blockchain_keystore *
CVE-2025-21019

Improper authorization in Samsung Health prior to version 6.30.1.003 allows local attackers to access data in Samsung Health. User interaction is required for triggering this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung health *
CVE-2025-21020

Out-of-bounds write in creating bitmap images in Blockchain Keystore prior to version 1.3.17.2 allows local privileged attackers to write out-of-bounds memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.7 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 0.8 5.9
mobile.security@samsung.com 5.7 MEDIUM CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N 0.5 5.2

Products Affected

Vendor Product Version
samsung blockchain_keystore *
CVE-2025-21021

Out-of-bounds write in drawing pinpad in Blockchain Keystore prior to version 1.3.17.2 allows local privileged attackers to write out-of-bounds memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.7 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 0.8 5.9
mobile.security@samsung.com 5.7 MEDIUM CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N 0.5 5.2

Products Affected

Vendor Product Version
samsung blockchain_keystore *
CVE-2025-21022

Improper access control in Galaxy Wearable prior to version 2.2.63.25042861 allows local attackers to access sensitive information.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4

Products Affected

Vendor Product Version
samsung galaxy_wearable *
CVE-2025-21025

Improper access control in MARsExemptionManager prior to SMR Sep-2025 Release 1 allows local attackers to be excluded from background execution management.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.1 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L 2.5 2.5
nvd@nist.gov 4.4 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L 1.8 2.5

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 16.0
samsung android 13.0
CVE-2025-21026

Improper handling of insufficient permission in ImsService prior to SMR Sep-2025 Release 1 allows local attackers to interrupt the call.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L 1.8 1.4
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 16.0
samsung android 13.0
CVE-2025-21027

Improper verification of intent by broadcast receiver in ImsService prior to SMR Sep-2025 Release 1 allows local attackers to temporarily disable the SIM.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.4 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L 1.8 2.5
mobile.security@samsung.com 5.1 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L 2.5 2.5

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 16.0
samsung android 13.0
CVE-2025-21028

Improper privilege management in ThemeManager prior to SMR Sep-2025 Release 1 allows local privileged attackers to reuse trial items.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung android 15.0
samsung android 16.0
CVE-2025-21029

Improper handling of insufficient permission in System UI prior to SMR Sep-2025 Release 1 allows local attackers to send arbitrary replies to messages from the cover display.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 2.5 1.4
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N 1.8 1.4

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 16.0
samsung android 13.0
CVE-2025-21031

Improper access control in ImsService prior to SMR Sep-2025 Release 1 allows local attackers to use the privileged APIs.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.8 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L 2.5 4.2

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 16.0
samsung android 13.0
CVE-2025-21032

Improper access control in One UI Home prior to SMR Sep-2025 Release 1 allows physical attackers to bypass Kiosk mode under limited conditions.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.9 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H 0.7 5.2
nvd@nist.gov 6.8 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 0.9 5.9

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
CVE-2025-21033

Improper access control in ContactProvider prior to SMR Sep-2025 Release 1 allows local attackers to access sensitive information.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
CVE-2025-21034

Out-of-bounds write in libsavsvc.so prior to SMR Sep-2025 Release 1 allows local attackers to potentially execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 2.5 1.4
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 16.0
samsung android 13.0
CVE-2025-21035

Improper access control in Samsung Calendar prior to version 12.5.06.5 in Android 14 and 12.6.01.12 in Android 15 allows physical attackers to access data across multiple user profiles.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.6 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 0.9 3.6

Products Affected

Vendor Product Version
samsung calendar *
CVE-2025-21036

Improper access control in Samsung Notes prior to version 4.4.30.63 allows local privileged attackers to access exported note files. User interaction is required for triggering this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N 1.3 3.6

Products Affected

Vendor Product Version
samsung notes *
CVE-2025-21037

Improper access control in Samsung Notes prior to version 4.4.30.63 allows physical attackers to access data across multiple user profiles. User interaction is required for triggering this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.1 MEDIUM CVSS:3.1/AV:P/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N 0.5 3.6
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 0.7 3.6

Products Affected

Vendor Product Version
samsung notes *
CVE-2025-21038

Improper verification of intent by SamsungExceptionalBroadcastReceiver in S Assistant prior to version 9.3.2 allows local attackers to modify itinerary information.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N 1.8 1.4
mobile.security@samsung.com 5.1 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L 2.5 2.5

Products Affected

Vendor Product Version
samsung sassistant *
CVE-2025-21039

Improper verification of intent by SystemExceptionalBroadcastReceiver in S Assistant prior to version 9.3.2 allows local attackers to modify itinerary information.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N 1.8 1.4
mobile.security@samsung.com 5.1 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L 2.5 2.5

Products Affected

Vendor Product Version
samsung sassistant *
CVE-2025-21040

Improper verification of intent by ExternalBroadcastReceiver in S Assistant prior to version 9.3.2 allows local attackers to modify itinerary information.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N 1.8 1.4
mobile.security@samsung.com 5.1 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L 2.5 2.5

Products Affected

Vendor Product Version
samsung sassistant *
CVE-2025-21041

Insecure Storage of Sensitive Information in Secure Folder prior to Android 16 allows local attackers to access sensitive information.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.2 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 2.5 3.6
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung android *
CVE-2025-21042

Out-of-bounds write in libimagecodec.quram.so prior to SMR Apr-2025 Release 1 allows remote attackers to execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
mobile.security@samsung.com 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 13.0
CVE-2025-21043

Out-of-bounds write in libimagecodec.quram.so prior to SMR Sep-2025 Release 1 allows remote attackers to execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 16.0
samsung android 13.0
CVE-2025-21044

Out-of-bounds write in fingerprint trustlet prior to SMR Oct-2025 Release 1 allows local privileged attackers to write out-of-bounds memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.4 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N 0.8 3.6
mobile.security@samsung.com 5.7 MEDIUM CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N 0.5 5.2

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 16.0
samsung android 13.0
CVE-2025-21045

Insecure storage of sensitive information in Galaxy Watch prior to SMR Oct-2025 Release 1 allows local attackers to access sensitive information.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4

Products Affected

Vendor Product Version
samsung wear_os 5.0
CVE-2025-21046

Improper access control in WindowManager in Samsung DeX prior to SMR Oct-2025 Release 1 allows physical attackers to temporarily access to recent app list.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 2.4 LOW CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 0.9 1.4

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 13.0
CVE-2025-21047

Improper access control in KnoxGuard prior to SMR Oct-2025 Release 1 allows physical attackers to use the privileged APIs.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.2 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L 0.9 4.2
nvd@nist.gov 6.8 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 0.9 5.9

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 16.0
CVE-2025-21048

Relative path traversal in Knox Enterprise prior to SMR Oct-2025 Release 1 allows local attackers to execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9
mobile.security@samsung.com 6.7 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 0.8 5.9

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 16.0
samsung android 13.0
CVE-2025-21049

Improper access control in SecSettings prior to SMR Oct-2025 Release 1 allows local attackers to access sensitive information. User interaction is required for triggering this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung android 15.0
samsung android 16.0
CVE-2025-21050

Improper input validiation in Contacts prior to SMR Oct-2025 Release 1 allows local attackers to access data across multiple user profiles.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 7.1 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N 2.5 4.0
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 13.0
CVE-2025-21051

Out-of-bounds write in the pre-processing of JPEG decoding in libpadm.so prior to SMR Oct-2025 Release 1 allows local attackers to write out-of-bounds memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 2.5 1.4

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 16.0
samsung android 13.0
CVE-2025-21052

Out-of-bounds write under specific condition in the pre-processing of JPEG decoding in libpadm.so prior to SMR Oct-2025 Release 1 allows local attackers to cause memory corruption.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 2.5 1.4
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 16.0
samsung android 13.0
CVE-2025-21053

Out-of-bounds write in the parsing header for JPEG decoding in libpadm.so prior to SMR Oct-2025 Release 1 allows local attackers to cause memory corruption.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 2.5 1.4

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 16.0
samsung android 13.0
CVE-2025-21054

Out-of-bounds read in the parsing header for JPEG decoding in libpadm.so prior to SMR Oct-2025 Release 1 allows local attackers to potentially access out-of-bounds memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 2.5 1.4
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 16.0
samsung android 13.0
CVE-2025-21055

Out-of-bounds read and write in libimagecodec.quram.so prior to SMR Oct-2025 Release 1 allows remote attackers to access out-of-bounds memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6
mobile.security@samsung.com 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N 2.8 1.4

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 16.0
samsung android 13.0
CVE-2025-21057

Use of implicit intent for sensitive communication in Samsung Notes prior to version 4.4.30.63 allows local attackers to access shared notes.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4

Products Affected

Vendor Product Version
samsung notes *
CVE-2025-21059

Improper authorization in Samsung Health prior to version 6.30.5.105 allows local attackers to access data in Samsung Health.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.2 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 2.5 3.6

Products Affected

Vendor Product Version
samsung health *
CVE-2025-21060

Cleartext storage of sensitive information in Smart Switch prior to version 3.7.67.2 allows local attackers to access backup data from applications. User interaction is required for triggering this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung smart_switch *
CVE-2025-21061

Cleartext storage of sensitive information in Smart Switch prior to version 3.7.67.2 allows local attackers to access sensitive data. User interaction is required for triggering this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 7.1 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H 1.8 5.2

Products Affected

Vendor Product Version
samsung smart_switch *
CVE-2025-21062

Use of a broken or risky cryptographic algorithm in Smart Switch prior to version 3.7.67.2 allows local attackers to replace the restoring application. User interaction is required for triggering this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
samsung smart_switch *
CVE-2025-21063

Improper access control in Samsung Voice Recorder prior to version 21.5.73.12 in Android 15 and 21.5.81.40 in Android 16 allows physical attackers to access recording files on the lock screen.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.6 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 0.9 3.6

Products Affected

Vendor Product Version
samsung voice_recorder *
CVE-2025-21064

Improper authentication in Smart Switch prior to version 3.7.66.6 allows adjacent attackers to access transferring data.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 8.8 HIGH CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
samsung smart_switch *
CVE-2025-21066

Out-of-bounds read in the SPI decoder in Samsung Notes prior to version 4.4.30.63 allows local attackers to access out-of-bounds memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.1 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H 1.8 5.2
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 2.5 1.4

Products Affected

Vendor Product Version
samsung notes *
CVE-2025-21067

Out-of-bounds read in the allocation of image buffer in Samsung Notes prior to version 4.4.30.63 allows local attackers to access out-of-bounds memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 2.5 1.4
nvd@nist.gov 7.1 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H 1.8 5.2

Products Affected

Vendor Product Version
samsung notes *
CVE-2025-21068

Out-of-bounds read in the reading of image data in Samsung Notes prior to version 4.4.30.63 allows local attackers to access out-of-bounds memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 2.5 1.4
nvd@nist.gov 7.1 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H 1.8 5.2

Products Affected

Vendor Product Version
samsung notes *
CVE-2025-21069

Out-of-bounds read in the parsing of image data in Samsung Notes prior to version 4.4.30.63 allows local attackers to access out-of-bounds memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 2.5 1.4
nvd@nist.gov 7.1 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H 1.8 5.2

Products Affected

Vendor Product Version
samsung notes *
CVE-2025-21070

Out-of-bounds write in the SPI decoder in Samsung Notes prior to version 4.4.30.63 allows local attackers to write out-of-bounds memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N 1.8 3.6
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 2.5 1.4

Products Affected

Vendor Product Version
samsung notes *
CVE-2025-21071

Out-of-bounds write in handling opcode in fingerprint trustlet prior to SMR Nov-2025 Release 1 allows local privileged attackers to write out-of-bounds memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.7 MEDIUM CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N 0.5 5.2

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 16.0
samsung android 13.0
CVE-2025-21072

Out-of-bounds write in decoding metadata in fingerprint trustlet prior to SMR Dec-2025 Release 1 allows local privileged attackers to write out-of-bounds memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.7 MEDIUM CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N 0.5 5.2

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 16.0
samsung android 13.0
CVE-2025-21073

Insecure default configuration in USB connection mode prior to SMR Nov-2025 Release 1 allows privileged physical attackers to access user data. User interaction is required for triggering this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.8 MEDIUM CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N 1.6 5.2

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 16.0
samsung android 13.0
CVE-2025-21074

Out-of-bounds read in libimagecodec.quram.so prior to SMR Nov-2025 Release 1 allows remote attackers to access out-of-bounds memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N 2.8 1.4

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 16.0
samsung android 13.0
CVE-2025-21075

Out-of-bounds write in libimagecodec.quram.so prior to SMR Nov-2025 Release 1 allows remote attackers to access out-of-bounds memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 2.8 1.4

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 16.0
samsung android 13.0
CVE-2025-21076

Improper handling of insufficient permissions or privileges in Samsung Account prior to version 15.5.00.18 allows local attackers to access data in Samsung Account. User interaction is required for triggering this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung account *
CVE-2025-21077

Improper input validation in Samsung Email prior to version 6.2.06.0 allows local attackers to launch arbitrary activity with Samsung Email privilege.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4

Products Affected

Vendor Product Version
samsung email *
CVE-2025-21078

Use of insufficiently random value of secretKey in Smart Switch prior to version 3.7.68.6 allows adjacent attackers to access backup data from applications.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 8.8 HIGH CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
samsung smart_switch *
CVE-2025-21079

Improper input validation in Samsung Members prior to version 5.5.01.3 allows remote attackers to connect arbitrary URL and launch arbitrary activity with Samsung Members privilege. User interaction is required for triggering this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 7.1 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H 2.8 4.2

Products Affected

Vendor Product Version
samsung members *
CVE-2025-21080

Improper export of android application components in Dynamic Lockscreen prior to SMR Dec-2025 Release 1 allows local attackers to access files with Dynamic Lockscreen's privilege.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 6.2 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 2.5 3.6

Products Affected

Vendor Product Version
samsung android 15.0
samsung android 16.0
CVE-2025-2233

Samsung SmartThings Improper Verification of Cryptographic Signature Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Samsung SmartThings. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Hub Local API service, which listens on TCP port 8766 by default. The issue results from the lack of proper verification of a cryptographic signature. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-25615.

Products Affected

Vendor Product Version
samsung smartthings *
CVE-2025-22377

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. A Heap-based Out-of-Bounds Write exists in the GPRS protocol implementation because of a mismatch between the actual length of the payload and the length declared within the payload.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 3.9 2.5

Products Affected

Vendor Product Version
samsung exynos_w930_firmware -
samsung exynos_modem_5300_firmware -
samsung exynos_1480_firmware -
samsung exynos_850_firmware -
samsung exynos_modem_5123_firmware -
samsung exynos_9110_firmware -
samsung exynos_2400_firmware -
samsung exynos_1330_firmware -
samsung exynos_1380_firmware -
samsung exynos_2200_firmware -
samsung exynos_2100_firmware -
samsung exynos_modem_5400_firmware -
samsung exynos_1080_firmware -
samsung exynos_w1000_firmware -
samsung exynos_990_firmware -
samsung exynos_w920_firmware -
samsung exynos_980_firmware -
samsung exynos_1280_firmware -
CVE-2025-23095

An issue was discovered in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480, 2400. A Double Free in the mobile processor leads to privilege escalation.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 3.9 2.5

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_2200_firmware -
samsung exynos_1480_firmware -
samsung exynos_2400_firmware -
samsung exynos_1280_firmware -
CVE-2025-23096

An issue was discovered in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480, 2400. A Double Free in the mobile processor leads to privilege escalation.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 3.9 2.5

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_2200_firmware -
samsung exynos_1480_firmware -
samsung exynos_2400_firmware -
samsung exynos_1280_firmware -
CVE-2025-23097

An issue was discovered in Samsung Mobile Processor Exynos 1380. The lack of a length check leads to out-of-bounds writes.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.1 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H 3.9 5.2

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
CVE-2025-23098

An issue was discovered in Samsung Mobile Processor Exynos 980, 990, 1080, 2100, 1280, 2200, 1380. A Use-After-Free in the mobile processor leads to privilege escalation.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_2200_firmware -
samsung exynos_2100_firmware -
samsung exynos_1080_firmware -
samsung exynos_990_firmware -
samsung exynos_980_firmware -
samsung exynos_1280_firmware -
CVE-2025-23099

An issue was discovered in Samsung Mobile Processor Exynos 1480 and 2400. The lack of a length check leads to out-of-bounds writes.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.1 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H 3.9 5.2

Products Affected

Vendor Product Version
samsung exynos_1480_firmware -
samsung exynos_2400_firmware -
CVE-2025-23100

An issue was discovered in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480, 2400. The absence of a NULL check leads to a Denial of Service.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_2200_firmware -
samsung exynos_1480_firmware -
samsung exynos_2400_firmware -
samsung exynos_1280_firmware -
CVE-2025-23101

An issue was discovered in Samsung Mobile Processor Exynos 1380. A Use-After-Free in the mobile processor leads to privilege escalation.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 3.9 2.5

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
CVE-2025-23102

An issue was discovered in Samsung Mobile Processor Exynos 980, 990, 1080, 2100, 1280, 2200, 1380, 1480 and 2400. A Double Free in the mobile processor leads to privilege escalation.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_2200_firmware -
samsung exynos_2100_firmware -
samsung exynos_1480_firmware -
samsung exynos_1080_firmware -
samsung exynos_990_firmware -
samsung exynos_2400_firmware -
samsung exynos_980_firmware -
samsung exynos_1280_firmware -
CVE-2025-23103

An issue was discovered in Samsung Mobile Processor Exynos 1480 and 2400. The lack of a length check leads to out-of-bounds writes.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.6 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L 3.9 4.7

Products Affected

Vendor Product Version
samsung exynos_1480_firmware -
samsung exynos_2400_firmware -
CVE-2025-23104

An issue was discovered in Samsung Mobile Processor Exynos 2200. A Use-After-Free in the mobile processor leads to privilege escalation.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 3.9 2.5

Products Affected

Vendor Product Version
samsung exynos_2200_firmware -
CVE-2025-23105

An issue was discovered in Samsung Mobile Processor Exynos 2200, 1480, and 2400. A Use-After-Free in the mobile processor leads to privilege escalation.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
samsung exynos_2200_firmware -
samsung exynos_1480_firmware -
samsung exynos_2400_firmware -
CVE-2025-23106

An issue was discovered in Samsung Mobile Processor Exynos 2200, 1480, and 2400. A Use-After-Free in the mobile processor leads to privilege escalation.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 3.9 2.5

Products Affected

Vendor Product Version
samsung exynos_2200_firmware -
samsung exynos_1480_firmware -
samsung exynos_2400_firmware -
CVE-2025-23107

An issue was discovered in Samsung Mobile Processor Exynos 1480 and 2400. The lack of a length check leads to out-of-bounds writes.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.6 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L 3.9 4.7

Products Affected

Vendor Product Version
samsung exynos_1480_firmware -
samsung exynos_2400_firmware -
CVE-2025-26780

An issue was discovered in L2 in Samsung Mobile Processor and Modem Exynos 2400 and Modem 5400. The lack of a length check leads to a Denial of Service via a malformed PDCP packet.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
samsung modem_5400_firmware -
samsung exynos_2400_firmware -
CVE-2025-26781

An issue was discovered in L2 in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 9110, W920, W930, Modem 5123, and Modem 5300. Incorrect handling of RLC AM PDUs leads to a Denial of Service.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
samsung exynos_w930_firmware -
samsung modem_5400_firmware -
samsung exynos_1480_firmware -
samsung exynos_850_firmware -
samsung modem_5123_firmware -
samsung exynos_9110_firmware -
samsung exynos_1330_firmware -
samsung exynos_1380_firmware -
samsung exynos_2200_firmware -
samsung exynos_1080_firmware -
samsung exynos_990_firmware -
samsung exynos_w920_firmware -
samsung exynos_980_firmware -
CVE-2025-26782

An issue was discovered in L2 in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 9110, W920, W930, Modem 5123, and Modem 5300. Incorrect handling of RLC AM PDUs leads to a Denial of Service.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
samsung exynos_w930_firmware -
samsung modem_5400_firmware -
samsung exynos_1480_firmware -
samsung exynos_850_firmware -
samsung modem_5123_firmware -
samsung exynos_9110_firmware -
samsung exynos_1330_firmware -
samsung exynos_1380_firmware -
samsung exynos_2200_firmware -
samsung exynos_2100_firmware -
samsung exynos_1080_firmware -
samsung exynos_990_firmware -
samsung exynos_w920_firmware -
samsung exynos_980_firmware -
samsung exynos_1280_firmware -
CVE-2025-26783

An issue was discovered in RRC in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 2100, 1280, 2200, 1330, 1380, 1480, 2400, W1000, Modem 5300, and Modem 5400. Incorrect handling of undefined values leads to a Denial of Service.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_2200_firmware -
samsung exynos_2100_firmware -
samsung exynos_modem_5300_firmware -
samsung exynos_modem_5400_firmware -
samsung exynos_1480_firmware -
samsung exynos_w1000_firmware -
samsung exynos_2400_firmware -
samsung exynos_1330_firmware -
samsung exynos_1280_firmware -
CVE-2025-26784

An issue was discovered in NAS in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. The lack of a length check leads to out-of-bounds writes.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 3.9 2.5

Products Affected

Vendor Product Version
samsung exynos_w930_firmware -
samsung exynos_modem_5300_firmware -
samsung exynos_1480_firmware -
samsung exynos_850_firmware -
samsung exynos_modem_5123_firmware -
samsung exynos_9110_firmware -
samsung exynos_2400_firmware -
samsung exynos_1330_firmware -
samsung exynos_1380_firmware -
samsung exynos_2200_firmware -
samsung exynos_2100_firmware -
samsung exynos_1080_firmware -
samsung exynos_w1000_firmware -
samsung exynos_990_firmware -
samsung exynos_w920_firmware -
samsung exynos_980_firmware -
samsung exynos_1280_firmware -
CVE-2025-26785

An issue was discovered in NAS in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. The lack of a length check leads to out-of-bounds writes.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
samsung exynos_w930_firmware -
samsung exynos_modem_5300_firmware -
samsung exynos_1480_firmware -
samsung exynos_850_firmware -
samsung exynos_modem_5123_firmware -
samsung exynos_9110_firmware -
samsung exynos_2400_firmware -
samsung exynos_1330_firmware -
samsung exynos_1380_firmware -
samsung exynos_2200_firmware -
samsung exynos_2100_firmware -
samsung exynos_1080_firmware -
samsung exynos_w1000_firmware -
samsung exynos_990_firmware -
samsung exynos_w920_firmware -
samsung exynos_980_firmware -
samsung exynos_1280_firmware -
CVE-2025-27374

An issue was discovered in the Secure Boot component in Samsung Mobile Processor and Wearable Processor Exynos 9820, 9825, 980, 990, 850, 1080, 1280, 2200, 1330, 1380, 1480, 2400. The lack of a length check leads to out-of-bounds writes.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 3.9 1.4

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_9820_firmware -
samsung exynos_2200_firmware -
samsung exynos_1480_firmware -
samsung exynos_850_firmware -
samsung exynos_1080_firmware -
samsung exynos_9825_firmware -
samsung exynos_2400_firmware -
samsung exynos_980_firmware -
samsung exynos_1330_firmware -
samsung exynos_1280_firmware -
CVE-2025-27807

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 9110, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. The lack of a length check leads to out-of-bounds writes via malformed NAS packets.

Products Affected

Vendor Product Version
samsung exynos_w930_firmware -
samsung modem_5300_firmware -
samsung modem_5400_firmware -
samsung exynos_1480_firmware -
samsung exynos_850_firmware -
samsung modem_5123_firmware -
samsung exynos_9110_firmware -
samsung exynos_2400_firmware -
samsung exynos_1330_firmware -
samsung exynos_1380_firmware -
samsung exynos_2200_firmware -
samsung exynos_2100_firmware -
samsung exynos_1580_firmware -
samsung exynos_1080_firmware -
samsung exynos_w1000_firmware -
samsung exynos_990_firmware -
samsung exynos_w920_firmware -
samsung exynos_980_firmware -
samsung exynos_1280_firmware -
CVE-2025-27891

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. The lack of a length check leads to out-of-bounds reads via malformed NAS packets.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.1 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H 3.9 5.2

Products Affected

Vendor Product Version
samsung exynos_w930_firmware -
samsung exynos_modem_5300_firmware -
samsung exynos_1480_firmware -
samsung exynos_850_firmware -
samsung exynos_modem_5123_firmware -
samsung exynos_2400_firmware -
samsung exynos_1330_firmware -
samsung exynos_1380_firmware -
samsung exynos_2200_firmware -
samsung exynos_2100_firmware -
samsung exynos_modem_5400_firmware -
samsung exynos_1080_firmware -
samsung exynos_w1000_firmware -
samsung exynos_990_firmware -
samsung exynos_w920_firmware -
samsung exynos_980_firmware -
samsung exynos_1280_firmware -
CVE-2025-32098

An issue was discovered in Samsung Magician 6.3 through 8.3 on Windows. An attacker can achieve Elevation of Privileges to SYSTEM by exploiting insecure file delete operations during the update process.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4

Products Affected

Vendor Product Version
samsung magician *
CVE-2025-32100

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. A programming mistake for buffer copy leads to out-of-bounds writes via malformed ROHC packets.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 3.9 2.5

Products Affected

Vendor Product Version
samsung exynos_w930_firmware -
samsung modem_5300_firmware -
samsung modem_5400_firmware -
samsung exynos_1480_firmware -
samsung exynos_850_firmware -
samsung modem_5123_firmware -
samsung exynos_9110_firmware -
samsung exynos_2400_firmware -
samsung exynos_1330_firmware -
samsung exynos_1380_firmware -
samsung exynos_2200_firmware -
samsung exynos_2100_firmware -
samsung exynos_1580_firmware -
samsung exynos_1080_firmware -
samsung exynos_w1000_firmware -
samsung exynos_990_firmware -
samsung exynos_w920_firmware -
samsung exynos_980_firmware -
samsung exynos_1280_firmware -
CVE-2025-32407

Samsung Internet for Galaxy Watch version 5.0.9, available up until Samsung Galaxy Watch 3, does not properly validate TLS certificates, allowing for an attacker to impersonate any and all websites visited by the user. This is a critical misconfiguration in the way the browser validates the identity of the server. It negates the use of HTTPS as a secure channel, allowing for Man-in-the-Middle attacks, stealing sensitive information or modifying incoming and outgoing traffic. NOTE: This vulnerability is in an end-of-life product that is no longer maintained by the vendor.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.9 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N 2.2 3.6

Products Affected

Vendor Product Version
samsung internet 5.0.9
CVE-2025-3885

Harman Becker MGU21 Bluetooth Improper Input Validation Denial-of-Service Vulnerability. This vulnerability allows network-adjacent attackers to create a denial-of-service condition on affected installations of Harman Becker MGU21 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Bluetooth stack of the BCM89359 chipset. The issue results from the lack of proper validation of Bluetooth frames. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-23942.

Products Affected

Vendor Product Version
samsung harman_mgu21_firmware mgu21_22-07
CVE-2025-43706

An issue was discovered in L2 in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2400, 1580, 9110, W920, W930, Modem 5123, and Modem 5400. Incorrect handling of RRC packets leads to a Denial of Service.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
samsung exynos_w930_firmware -
samsung modem_5400_firmware -
samsung exynos_1580_firmware -
samsung exynos_850_firmware -
samsung exynos_1080_firmware -
samsung exynos_990_firmware -
samsung modem_5123_firmware -
samsung exynos_w920_firmware -
samsung exynos_9110_firmware -
samsung exynos_2400_firmware -
samsung exynos_980_firmware -
CVE-2025-4632

Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1052 allows attackers to write arbitrary file as system authority.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
PSIRT@samsung.com 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
samsung magicinfo_9_server *
CVE-2025-47202

In RRC in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400, the lack of a length check leads to out-of-bounds writes.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.1 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H 3.9 5.2

Products Affected

Vendor Product Version
samsung exynos_w930_firmware -
samsung modem_5300_firmware -
samsung modem_5400_firmware -
samsung exynos_1480_firmware -
samsung exynos_850_firmware -
samsung modem_5123_firmware -
samsung exynos_9110_firmware -
samsung exynos_2400_firmware -
samsung exynos_1330_firmware -
samsung exynos_1380_firmware -
samsung exynos_2200_firmware -
samsung exynos_2100_firmware -
samsung exynos_1580_firmware -
samsung exynos_1080_firmware -
samsung exynos_w1000_firmware -
samsung exynos_990_firmware -
samsung exynos_w920_firmware -
samsung exynos_980_firmware -
samsung exynos_1280_firmware -
CVE-2025-48025

In Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1280, 1330, 1380, 1480, 1580, W920, W930, and W1000, there is an improper access control vulnerability related to a log file.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 2.8 1.4

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_w930_firmware -
samsung exynos_1480_firmware -
samsung exynos_1580_firmware -
samsung exynos_850_firmware -
samsung exynos_w1000_firmware -
samsung exynos_w920_firmware -
samsung exynos_980_firmware -
samsung exynos_1330_firmware -
samsung exynos_1280_firmware -
CVE-2025-49494

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 2100, 1280, 2200, 1330, 1380, 1480, 9110, Modem 5123. Mishandling of an 5G NRMM packet leads to a Denial of Service.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_2200_firmware -
samsung exynos_2100_firmware -
samsung exynos_1480_firmware -
samsung modem_5123_firmware -
samsung exynos_9110_firmware -
samsung exynos_1330_firmware -
samsung exynos_1280_firmware -
CVE-2025-49495

An issue was discovered in the WiFi driver in Samsung Mobile Processor Exynos 1380, 1480, 2400, 1580. Mishandling of an NL80211 vendor command leads to a buffer overflow.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.4 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 2.5 5.9

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_1480_firmware -
samsung exynos_1580_firmware -
samsung exynos_2400_firmware -
CVE-2025-52512

An issue was discovered in Samsung Mobile Processor Exynos 2400, 1580, 2500. A race condition in the HTS driver results in out-of-bounds memory access, leading to a denial of service.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
samsung exynos_2500_firmware -
samsung exynos_1580_firmware -
samsung exynos_2400_firmware -
CVE-2025-52513

An issue was discovered in Samsung Mobile Processor Exynos 2400, 1580, 2500. A race condition in the HTS driver results in an out-of-bounds write, leading to a denial of service.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
samsung exynos_2500_firmware -
samsung exynos_1580_firmware -
samsung exynos_2400_firmware -
CVE-2025-52515

An issue was discovered in the Camera in Samsung Mobile Processor and Wearable Processor Exynos 1330, 1380, 1480, 2400, 1580, 2500. A race condition in the issimian device driver results in an out-of-bounds access, leading to a denial of service.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.1 MEDIUM CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H 1.4 3.6

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_2500_firmware -
samsung exynos_1480_firmware -
samsung exynos_1580_firmware -
samsung exynos_2400_firmware -
samsung exynos_1330_firmware -
CVE-2025-52516

An issue was discovered in the Camera in Samsung Mobile Processor and Wearable Processor Exynos 1330, 1380, 1480, 2400, 1580, 2500. An invalid kernel address dereference in the issimian device driver leads to a denial of service.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.2 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 2.5 3.6

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_2500_firmware -
samsung exynos_1480_firmware -
samsung exynos_1580_firmware -
samsung exynos_2400_firmware -
samsung exynos_1330_firmware -
CVE-2025-52517

An issue was discovered in the Camera in Samsung Mobile Processor and Wearable Processor Exynos 1330, 1380, 1480, 2400, 1580, 2500. A race condition in the issimian device driver results in a double free, leading to a denial of service.

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_2500_firmware -
samsung exynos_1480_firmware -
samsung exynos_1580_firmware -
samsung exynos_2400_firmware -
samsung exynos_1330_firmware -
CVE-2025-52519

An issue was discovered in the Camera in Samsung Mobile Processor and Wearable Processor Exynos 1330, 1380, 1480, 2400, 1580, and 2500. Improper validation of user-space input in the issimian device driver leads to information disclosure and a denial of service.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.1 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H 1.8 5.2

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_2500_firmware -
samsung exynos_1480_firmware -
samsung exynos_1580_firmware -
samsung exynos_2400_firmware -
samsung exynos_1330_firmware -
CVE-2025-52908

An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1280, 1330, 1380, 1480, 1580, W920, W930, and W1000. Incorrect Handling of the NL80211 vendor command leads to a buffer overflow via a certain ioctl message, issue 1 of 2.

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_w930_firmware -
samsung exynos_1480_firmware -
samsung exynos_1580_firmware -
samsung exynos_850_firmware -
samsung exynos_w1000_firmware -
samsung exynos_w920_firmware -
samsung exynos_980_firmware -
samsung exynos_1330_firmware -
samsung exynos_1280_firmware -
CVE-2025-52910

An issue was discovered in the GPU in Samsung Mobile Processor and Wearable Processor Exynos 1280, 2200, 1330, 1380, 1480, 2400. A Use-After-Free leads to privilege escalation.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 3.9 2.5

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_2200_firmware -
samsung exynos_1480_firmware -
samsung exynos_2400_firmware -
samsung exynos_1330_firmware -
samsung exynos_1280_firmware -
CVE-2025-53074

Out-of-bounds Read vulnerability in Samsung Open Source rLottie allows Overflow Buffers.This issue affects rLottie: V0.2.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.1 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H 3.9 5.2

Products Affected

Vendor Product Version
samsung rlottie 0.2
CVE-2025-53075

Improper Input Validation vulnerability in Samsung Open Source rLottie allows Path Traversal.This issue affects rLottie: V0.2.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
samsung rlottie 0.2
CVE-2025-53076

Improper Input Validation vulnerability in Samsung Open Source rLottie allows Overread Buffers.This issue affects rLottie: V0.2.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
samsung rlottie 0.2
CVE-2025-53077

An execution after redirect in Samsung DMS(Data Management Server) allows attackers to execute limited functions without permissions. An attacker could compromise the integrity of the platform by executing this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
PSIRT@samsung.com 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L 3.9 2.5

Products Affected

Vendor Product Version
samsung data_management_server_firmware *
CVE-2025-53078

Deserialization of Untrusted Data in Samsung DMS(Data Management Server) allows attackers to execute arbitrary code via write file to system

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
PSIRT@samsung.com 8.0 HIGH CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H 1.3 6.0

Products Affected

Vendor Product Version
samsung data_management_server_firmware *
CVE-2025-53079

Absolute Path Traversal in Samsung DMS(Data Management Server) allows authenticated attacker (Administrator) to read sensitive files

CVSS 3.x

Source Score Severity Vector Exploitability Impact
PSIRT@samsung.com 4.9 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N 1.2 3.6

Products Affected

Vendor Product Version
samsung data_management_server_firmware *
CVE-2025-53080

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Samsung DMS(Data Management Server) allows authenticated attackers to create arbitrary files in unintended locations on the filesystem

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N 2.8 3.6
PSIRT@samsung.com 7.1 HIGH CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H 1.6 5.5

Products Affected

Vendor Product Version
samsung data_management_server_firmware *
CVE-2025-53081

An 'Arbitrary File Creation' in Samsung DMS(Data Management Server) allows attackers to create arbitrary files in unintended locations on the filesystem. Exploitation is restricted to specific, authorized private IP addresses.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
PSIRT@samsung.com 6.4 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H 0.9 5.5
nvd@nist.gov 9.1 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H 3.9 5.2

Products Affected

Vendor Product Version
samsung data_management_server_firmware *
CVE-2025-53082

An 'Arbitrary File Deletion' in Samsung DMS(Data Management Server) allows attackers to delete arbitrary files from unintended locations on the filesystem. Exploitation is restricted to specific, authorized private IP addresses.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.1 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H 3.9 5.2
PSIRT@samsung.com 6.1 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H 0.9 5.2

Products Affected

Vendor Product Version
samsung data_management_server_firmware *
CVE-2025-53965

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. The function used to decode the SOR transparent container lacks bounds checking, which can cause a fatal error.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 3.9 1.4

Products Affected

Vendor Product Version
samsung exynos_w930_firmware -
samsung modem_5300_firmware -
samsung modem_5400_firmware -
samsung exynos_1480_firmware -
samsung exynos_850_firmware -
samsung modem_5123_firmware -
samsung exynos_2400_firmware -
samsung exynos_1330_firmware -
samsung exynos_1380_firmware -
samsung exynos_2500_firmware -
samsung exynos_2200_firmware -
samsung exynos_2100_firmware -
samsung exynos_1580_firmware -
samsung exynos_w1000_firmware -
samsung exynos_990_firmware -
samsung exynos_w920_firmware -
samsung exynos_980_firmware -
samsung exynos_1280_firmware -
CVE-2025-53966

An issue was discovered in Samsung Mobile Processor Exynos 1380, 1480, 2400, and 1580. Incorrect Handling of the NL80211 vendor command leads to a buffer overflow during handling of an IOCTL message.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.4 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 2.5 5.9

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_1480_firmware -
samsung exynos_1580_firmware -
samsung exynos_2400_firmware -
CVE-2025-54323

An issue was discovered in the camera in Samsung Mobile Processor Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, and 1580. Improper debug printing leads to information leakage.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

Products Affected

Vendor Product Version
samsung exynos_1480_firmware -
samsung exynos_850_firmware -
samsung exynos_2400_firmware -
samsung exynos_1330_firmware -
samsung exynos_1380_firmware -
samsung exynos_2200_firmware -
samsung exynos_2100_firmware -
samsung exynos_1580_firmware -
samsung exynos_1080_firmware -
samsung exynos_990_firmware -
samsung exynos_980_firmware -
samsung exynos_1280_firmware -
CVE-2025-54325

An issue was discovered in VTS in Samsung Mobile Processor and Wearable Processor Exynos 1080, 1280, 2200, 1380, 1480, 2400, 1580, 2500, W920, W930, W1000. A race condition in the VTS driver results in an out-of-bounds read, leading to an information leak.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 3.9 1.4

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_w930_firmware -
samsung exynos_2500_firmware -
samsung exynos_2200_firmware -
samsung exynos_1480_firmware -
samsung exynos_1580_firmware -
samsung exynos_1080_firmware -
samsung exynos_w1000_firmware -
samsung exynos_w920_firmware -
samsung exynos_2400_firmware -
samsung exynos_1280_firmware -
CVE-2025-54326

An issue was discovered in Camera in Samsung Mobile Processor Exynos 1280 and 2200. Unnecessary registration of a hardware IP address in the Camera device driver can lead to a NULL pointer dereference, resulting in a denial of service.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
samsung exynos_2200_firmware -
samsung exynos_1280_firmware -
CVE-2025-54327

An issue was discovered in VTS in Samsung Mobile Processor and Wearable Processor Exynos 1280, 2200, 1380, W920, W930, W1000. Improper input validation in the VTS driver leads to an arbitrary write.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 3.9 2.5

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_2200_firmware -
samsung exynos_1280_firmware -
CVE-2025-54328

An issue was discovered in SMS in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. A Stack-based Buffer Overflow occurs while parsing SMS RP-DATA messages.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 10.0 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H 3.9 6.0

Products Affected

Vendor Product Version
samsung exynos_w930_firmware -
samsung exynos_modem_5300_firmware -
samsung exynos_1480_firmware -
samsung exynos_850_firmware -
samsung exynos_modem_5123_firmware -
samsung exynos_9110_firmware -
samsung exynos_2400_firmware -
samsung exynos_1330_firmware -
samsung exynos_1380_firmware -
samsung exynos_2500_firmware -
samsung exynos_2200_firmware -
samsung exynos_2100_firmware -
samsung exynos_modem_5400_firmware -
samsung exynos_1580_firmware -
samsung exynos_1080_firmware -
samsung exynos_w1000_firmware -
samsung exynos_990_firmware -
samsung exynos_w920_firmware -
samsung exynos_980_firmware -
samsung exynos_1280_firmware -
CVE-2025-54329

An issue was discovered in NAS in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. The function used to send a multiple-payloads message (including an SMS message) lacks bounds checking, which can lead to a heap overflow.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
samsung exynos_w930_firmware -
samsung modem_5300_firmware -
samsung modem_5400_firmware -
samsung exynos_1480_firmware -
samsung exynos_850_firmware -
samsung modem_5123_firmware -
samsung exynos_2400_firmware -
samsung exynos_1330_firmware -
samsung exynos_1380_firmware -
samsung exynos_2500_firmware -
samsung exynos_2200_firmware -
samsung exynos_2100_firmware -
samsung exynos_1580_firmware -
samsung exynos_w1000_firmware -
samsung exynos_990_firmware -
samsung exynos_w920_firmware -
samsung exynos_980_firmware -
samsung exynos_1280_firmware -
CVE-2025-54330

An issue was discovered in NPU in Samsung Mobile Processor Exynos 1380 through July 2025. There is an Out-of-bounds Read of q->bufs[] in the __is_done_for_me function.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4

Products Affected

Vendor Product Version
samsung exynos_1380_firmware *
CVE-2025-54331

An issue was discovered in NPU in Samsung Mobile Processor Exynos 1380 through July 2025. There is an Untrusted Pointer Dereference of src_hdr in the copy_ncp_header function.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 3.9 1.4

Products Affected

Vendor Product Version
samsung exynos_1380_firmware *
CVE-2025-54332

An issue was discovered in NPU in Samsung Mobile Processor Exynos 1380 through July 2025. There is a NULL Pointer Dereference of profiler.node in the npu_vertex_profileoff function.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
samsung exynos_1380_firmware *
CVE-2025-54333

An issue was discovered in NPU in Samsung Mobile Processor Exynos 1380 through July 2025. There is an Invalid Pointer Dereference of node in the get_vs4l_profiler_node function.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 3.9 1.4

Products Affected

Vendor Product Version
samsung exynos_1380_firmware *
CVE-2025-54334

An issue was discovered in the NPU driver in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480, 2400, 1580, 2500. There is a NULL Pointer Dereference of hdev in the __npu_vertex_bootup function.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_2500_firmware -
samsung exynos_2200_firmware -
samsung exynos_1480_firmware -
samsung exynos_1580_firmware -
samsung exynos_2400_firmware -
samsung exynos_1280_firmware -
CVE-2025-54335

An issue was discovered in the GPU driver in Samsung Mobile Processor Exynos 1480, 2400, 1580, 2500. There is a use-after-free in the Xclipse GPU Driver.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 3.9 2.5

Products Affected

Vendor Product Version
samsung exynos_2500_firmware -
samsung exynos_1480_firmware -
samsung exynos_1580_firmware -
samsung exynos_2400_firmware -
CVE-2025-54438

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Samsung Electronics MagicINFO 9 Server allows Upload a Web Shell to a Web Server.This issue affects MagicINFO 9 Server: less than 21.1080.0

CVSS 3.x

Source Score Severity Vector Exploitability Impact
PSIRT@samsung.com 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
samsung magicinfo_9_server *
CVE-2025-54439

Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
PSIRT@samsung.com 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
samsung magicinfo_9_server *
CVE-2025-54440

Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
PSIRT@samsung.com 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
samsung magicinfo_9_server *
CVE-2025-54441

Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
PSIRT@samsung.com 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
samsung magicinfo_9_server *
CVE-2025-54442

Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
PSIRT@samsung.com 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
samsung magicinfo_9_server *
CVE-2025-54443

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Samsung Electronics MagicINFO 9 Server allows Upload a Web Shell to a Web Server.This issue affects MagicINFO 9 Server: less than 21.1080.0

CVSS 3.x

Source Score Severity Vector Exploitability Impact
PSIRT@samsung.com 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
samsung magicinfo_9_server *
CVE-2025-54444

Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
PSIRT@samsung.com 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
samsung magicinfo_9_server *
CVE-2025-54445

Improper Restriction of XML External Entity Reference vulnerability in Samsung Electronics MagicINFO 9 Server allows Server Side Request Forgery.This issue affects MagicINFO 9 Server: less than 21.1080.0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
PSIRT@samsung.com 8.2 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N 3.9 4.2
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
samsung magicinfo_9_server *
CVE-2025-54446

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Samsung Electronics MagicINFO 9 Server allows Upload a Web Shell to a Web Server.This issue affects MagicINFO 9 Server: less than 21.1080.0

CVSS 3.x

Source Score Severity Vector Exploitability Impact
PSIRT@samsung.com 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
samsung magicinfo_9_server *
CVE-2025-54447

Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
PSIRT@samsung.com 8.1 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 2.2 5.9

Products Affected

Vendor Product Version
samsung magicinfo_9_server *
CVE-2025-54448

Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
PSIRT@samsung.com 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
samsung magicinfo_9_server *
CVE-2025-54449

Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
PSIRT@samsung.com 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
samsung magicinfo_9_server *
CVE-2025-54450

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
PSIRT@samsung.com 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9

Products Affected

Vendor Product Version
samsung magicinfo_9_server *
CVE-2025-54451

Improper Control of Generation of Code ('Code Injection') vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
PSIRT@samsung.com 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
samsung magicinfo_9_server *
CVE-2025-54452

Improper Authentication vulnerability in Samsung Electronics MagicINFO 9 Server allows Authentication Bypass.This issue affects MagicINFO 9 Server: less than 21.1080.0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
PSIRT@samsung.com 7.3 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 3.9 3.4
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
samsung magicinfo_9_server *
CVE-2025-54453

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
PSIRT@samsung.com 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
samsung magicinfo_9_server *
CVE-2025-54454

Use of Hard-coded Credentials vulnerability in Samsung Electronics MagicINFO 9 Server allows Authentication Bypass.This issue affects MagicINFO 9 Server: less than 21.1080.0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
PSIRT@samsung.com 9.1 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N 3.9 5.2

Products Affected

Vendor Product Version
samsung magicinfo_9_server *
CVE-2025-54455

Use of Hard-coded Credentials vulnerability in Samsung Electronics MagicINFO 9 Server allows Authentication Bypass.This issue affects MagicINFO 9 Server: less than 21.1080.0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
PSIRT@samsung.com 9.1 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N 3.9 5.2
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
samsung magicinfo_9_server *
CVE-2025-57834

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem (Exynos 980, 850, 990, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, 1680, 9110, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400, and Modem 5410). The absence of proper input validation leads to a Denial of Service.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
samsung exynos_w930_firmware -
samsung exynos_modem_5300_firmware -
samsung exynos_1480_firmware -
samsung exynos_1680_firmware -
samsung exynos_850_firmware -
samsung exynos_modem_5123_firmware -
samsung exynos_9110_firmware -
samsung exynos_2400_firmware -
samsung exynos_1330_firmware -
samsung exynos_1380_firmware -
samsung exynos_2500_firmware -
samsung exynos_2200_firmware -
samsung exynos_2100_firmware -
samsung exynos_modem_5410_firmware -
samsung exynos_modem_5400_firmware -
samsung exynos_1580_firmware -
samsung exynos_1080_firmware -
samsung exynos_w1000_firmware -
samsung exynos_990_firmware -
samsung exynos_w920_firmware -
samsung exynos_980_firmware -
samsung exynos_1280_firmware -
CVE-2025-57836

An issue was discovered in Samsung Magician 6.3.0 through 8.3.2 on Windows. The installer creates a temporary folder with weak permissions during installation, allowing a non-admin user to perform DLL hijacking and escalate privileges.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
samsung magician *
CVE-2025-58340

An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, 1580, W920, W930 and W1000. There is unbounded memory allocation via a large buffer in a /proc/driver/unifi0/send_delts write operation, leading to kernel memory exhaustion.

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_w930_firmware -
samsung exynos_1480_firmware -
samsung exynos_1580_firmware -
samsung exynos_850_firmware -
samsung exynos_1080_firmware -
samsung exynos_w1000_firmware -
samsung exynos_w920_firmware -
samsung exynos_980_firmware -
samsung exynos_1330_firmware -
samsung exynos_1280_firmware -
CVE-2025-58341

An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, 1580, W920, W930 and W1000. There is unbounded memory allocation via a large buffer in a /proc/driver/unifi0/ap_cert_disable_ht_vht write operation, leading to kernel memory exhaustion.

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_w930_firmware -
samsung exynos_1480_firmware -
samsung exynos_1580_firmware -
samsung exynos_850_firmware -
samsung exynos_1080_firmware -
samsung exynos_w1000_firmware -
samsung exynos_w920_firmware -
samsung exynos_980_firmware -
samsung exynos_1330_firmware -
samsung exynos_1280_firmware -
CVE-2025-58342

An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, 1580, W920, W930 and W1000. There is unbounded memory allocation via a large buffer in a /proc/driver/unifi0/uapsd write operation, leading to kernel memory exhaustion.

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_w930_firmware -
samsung exynos_1480_firmware -
samsung exynos_1580_firmware -
samsung exynos_850_firmware -
samsung exynos_1080_firmware -
samsung exynos_w1000_firmware -
samsung exynos_w920_firmware -
samsung exynos_980_firmware -
samsung exynos_1330_firmware -
samsung exynos_1280_firmware -
CVE-2025-58343

An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, 1580, W920, W930 and W1000. There is unbounded memory allocation via a large buffer in a /proc/driver/unifi0/create_tspec write operation, leading to kernel memory exhaustion.

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_w930_firmware -
samsung exynos_1480_firmware -
samsung exynos_1580_firmware -
samsung exynos_850_firmware -
samsung exynos_1080_firmware -
samsung exynos_w1000_firmware -
samsung exynos_w920_firmware -
samsung exynos_980_firmware -
samsung exynos_1330_firmware -
samsung exynos_1280_firmware -
CVE-2025-58344

An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, 1580, W920, W930 and W1000. There is unbounded memory allocation in a /proc/driver/unifi0/conn_log_event_burst_to_us write operation, leading to kernel memory exhaustion.

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_w930_firmware -
samsung exynos_1480_firmware -
samsung exynos_1580_firmware -
samsung exynos_850_firmware -
samsung exynos_1080_firmware -
samsung exynos_w1000_firmware -
samsung exynos_w920_firmware -
samsung exynos_980_firmware -
samsung exynos_1330_firmware -
samsung exynos_1280_firmware -
CVE-2025-58345

An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, 1580, W920, W930 and W1000. There is unbounded memory allocation via a large buffer in a /proc/driver/unifi0/ap_certif_11ax_mode write operation, leading to kernel memory exhaustion.

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_w930_firmware -
samsung exynos_1480_firmware -
samsung exynos_1580_firmware -
samsung exynos_850_firmware -
samsung exynos_1080_firmware -
samsung exynos_w1000_firmware -
samsung exynos_w920_firmware -
samsung exynos_980_firmware -
samsung exynos_1330_firmware -
samsung exynos_1280_firmware -
CVE-2025-58346

An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, 1580, W920, W930 and W1000. There is unbounded memory allocation via a large buffer in a /proc/driver/unifi0/send_addts write operation, leading to kernel memory exhaustion.

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_w930_firmware -
samsung exynos_1480_firmware -
samsung exynos_1580_firmware -
samsung exynos_850_firmware -
samsung exynos_1080_firmware -
samsung exynos_w1000_firmware -
samsung exynos_w920_firmware -
samsung exynos_980_firmware -
samsung exynos_1330_firmware -
samsung exynos_1280_firmware -
CVE-2025-58347

An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, 1580, W920, W930 and W1000. There is unbounded memory allocation via a large buffer in a /proc/driver/unifi0/p2p_certif write operation, leading to kernel memory exhaustion.

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_w930_firmware -
samsung exynos_1480_firmware -
samsung exynos_1580_firmware -
samsung exynos_850_firmware -
samsung exynos_1080_firmware -
samsung exynos_w1000_firmware -
samsung exynos_w920_firmware -
samsung exynos_980_firmware -
samsung exynos_1330_firmware -
samsung exynos_1280_firmware -
CVE-2025-58348

An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, 1580, W920, W930 and W1000. There is unbounded memory allocation via a large buffer in a /proc/driver/unifi0/confg_tspec write operation, leading to kernel memory exhaustion.

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_w930_firmware -
samsung exynos_1480_firmware -
samsung exynos_1580_firmware -
samsung exynos_850_firmware -
samsung exynos_1080_firmware -
samsung exynos_w1000_firmware -
samsung exynos_w920_firmware -
samsung exynos_980_firmware -
samsung exynos_1330_firmware -
samsung exynos_1280_firmware -
CVE-2025-58475

Improper input validation in libsec-ril.so prior to SMR Dec-2025 Release 1 allows local privileged attackers to write out-of-bounds memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.6 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L 0.8 4.7

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 16.0
samsung android 13.0
CVE-2025-58476

Out-of-bounds read vulnerability in bootloader prior to SMR Dec-2025 Release 1 allows physical attackers to access out-of-bounds memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.2 MEDIUM CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N 0.5 3.6

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 16.0
samsung android 13.0
CVE-2025-58477

Out-of-bounds write in parsing IFD tag in libimagecodec.quram.so prior to SMR Dec-2025 Release 1 allows remote attackers to access out-of-bounds memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 2.8 1.4

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 16.0
samsung android 13.0
CVE-2025-58478

Out-of-bounds write in libimagecodec.quram.so prior to SMR Dec-2025 Release 1 allows remote attackers to access out-of-bounds memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 2.8 1.4

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 16.0
samsung android 13.0
CVE-2025-58479

Out-of-bounds read in libimagecodec.quram.so prior to SMR Dec-2025 Release 1 allows remote attackers to access out-of-bounds memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N 2.8 1.4

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 16.0
samsung android 13.0
CVE-2025-58480

Heap-based buffer overflow in libimagecodec.quram.so prior to SMR Dec-2025 Release 1 allows remote attackers to access out-of-bounds memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 2.8 1.4

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 16.0
samsung android 13.0
CVE-2025-58481

Improper access control in MPRemoteService of MotionPhoto prior to version 4.1.51 allows local attackers to start privileged service.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 7.3 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H 1.3 5.9

Products Affected

Vendor Product Version
samsung motionphoto *
CVE-2025-58482

Improper access control in MPLocalService of MotionPhoto prior to version 4.1.51 allows local attackers to start privileged service.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 7.3 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H 1.3 5.9

Products Affected

Vendor Product Version
samsung motionphoto *
CVE-2025-58483

Improper export of android application components in Galaxy Store for Galaxy Watch prior to version 1.0.06.29 allows local attacker to install arbitrary application on Galaxy Store.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.9 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 2.5 3.4

Products Affected

Vendor Product Version
samsung galaxy_store *
CVE-2025-58485

Improper input validation in Samsung Internet prior to version 29.0.0.48 allows local attackers to inject arbitrary script.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung internet *
CVE-2025-58486

Improper input validation in Samsung Account prior to version 15.5.01.1 allows local attacker to execute arbitrary script.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4

Products Affected

Vendor Product Version
samsung account *
CVE-2025-58487

Improper authorization in Samsung Account prior to version 15.5.01.1 allows local attacker to launch arbitrary activity with Samsung Account privilege.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 2.5 1.4

Products Affected

Vendor Product Version
samsung account *
CVE-2025-58488

Improper verification of source of a communication channel in SmartTouchCall prior to version 1.0.1.1 allows remote attackers to access sensitive information. User interaction is required for triggering this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 4.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N 0.9 3.6

Products Affected

Vendor Product Version
samsung smart_touch_call 1.0.1.1
CVE-2025-59439

An issue was discovered in Samsung Mobile Processor, Wearable Processor and Modem Exynos 980, 990, 850, 1080, 9110, W920, W930, W1000 and Modem 5123. Incorrect handling of NAS Registration messages leads to a Denial of Service because of Improper Handling of Exceptional Conditions.

Products Affected

Vendor Product Version
samsung exynos_w930_firmware -
samsung exynos_850_firmware -
samsung exynos_1080_firmware -
samsung exynos_w1000_firmware -
samsung exynos_990_firmware -
samsung exynos_modem_5123_firmware -
samsung exynos_w920_firmware -
samsung exynos_9110_firmware -
samsung exynos_980_firmware -
CVE-2025-62814

An issue was discovered in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480, and 2400. A NULL pointer dereference of ft_handle in load_fw_utc_vector() causes a denial of service.

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_2200_firmware -
samsung exynos_1480_firmware -
samsung exynos_2400_firmware -
samsung exynos_1280_firmware -
CVE-2025-62815

An issue was discovered in Samsung Mobile Processor Exynos 1380, 1480, 2400, 1580, and 2500. A NULL pointer dereference of npu_proto_drv.ast.thread_ref in set_cpu_affinity() causes a denial of service.

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_2500_firmware -
samsung exynos_1480_firmware -
samsung exynos_1580_firmware -
samsung exynos_2400_firmware -
CVE-2025-62816

An issue was discovered in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480, 2400, 1580, and 2500. Unvalidated VS4L_VERTEXIOC_BOOTUP input leads to a denial of service.

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_2500_firmware -
samsung exynos_2200_firmware -
samsung exynos_1480_firmware -
samsung exynos_1580_firmware -
samsung exynos_2400_firmware -
samsung exynos_1280_firmware -
CVE-2025-62817

An issue was discovered in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480, 2400, 1580, and 2500. A NULL pointer dereference of session->ncp_hdr_buf in __pilot_parsing_ncp() causes a denial of service.

Products Affected

Vendor Product Version
samsung exynos_1380_firmware -
samsung exynos_2500_firmware -
samsung exynos_2200_firmware -
samsung exynos_1480_firmware -
samsung exynos_1580_firmware -
samsung exynos_2400_firmware -
samsung exynos_1280_firmware -
CVE-2025-66363

An issue was discovered in LBS in Samsung Mobile Processor Exynos 2200. There was no check for memory initialization within DL NAS Transport messages.

Products Affected

Vendor Product Version
samsung exynos_2200_firmware -
CVE-2026-20968

Use after free in DualDAR prior to SMR Jan-2026 Release 1 allows local privileged attackers to execute arbitrary code.

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 16.0
samsung android 13.0
CVE-2026-20969

Improper input validation in SecSettings prior to SMR Jan-2026 Release 1 allows local attacker to access file with system privilege. User interaction is required for triggering this vulnerability.

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 16.0
samsung android 13.0
CVE-2026-20970

Improper access control in SLocation prior to SMR Jan-2026 Release 1 allows local attackers to execute the privileged APIs.

Products Affected

Vendor Product Version
samsung android 15.0
samsung android 16.0
CVE-2026-20971

Use After Free in PROCA driver prior to SMR Jan-2026 Release 1 allows local attackers to potentially execute arbitrary code.

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 16.0
samsung android 13.0
CVE-2026-20972

Improper Export of Android Application Components in UwbTest prior to SMR Jan-2026 Release 1 allows local attackers to enable UWB.

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 16.0
samsung android 13.0
CVE-2026-20973

Out-of-bounds read in libimagecodec.quram.so prior to SMR Jan-2026 Release 1 allows remote attacker to access out-of-bounds memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
mobile.security@samsung.com 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 16.0
samsung android 13.0
CVE-2026-20974

Improper input validation in data related to network restrictions prior to SMR Jan-2026 Release 1 allows physical attackers to bypass Carrier Relock.

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 16.0
samsung android 13.0
CVE-2026-20975

Improper handling of insufficient permission in Samsung Cloud prior to version 5.6.11 allows local attackers to access specific files in arbitrary path.

Products Affected

Vendor Product Version
samsung cloud *
CVE-2026-20976

Improper input validation in Galaxy Store prior to version 4.6.02 allows local attacker to execute arbitrary script.

Products Affected

Vendor Product Version
samsung galaxy_store *
CVE-2026-20977

Improper access control in Emergency Sharing prior to SMR Feb-2026 Release 1 allows local attackers to interrupt its functioning.

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 16.0
CVE-2026-20978

Improper authorization in KnoxGuardManager prior to SMR Feb-2026 Release 1 allows local attackers to bypass the persistence configuration of the application.

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 16.0
samsung android 13.0
CVE-2026-20979

Improper privilege management in Settings prior to SMR Feb-2026 Release 1 allows local attackers to launch arbitrary activity with Settings privilege.

Products Affected

Vendor Product Version
samsung android 15.0
samsung android 16.0
CVE-2026-20980

Improper input validation in PACM prior to SMR Feb-2026 Release 1 allows physical attacker to execute arbitrary commands.

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 16.0
CVE-2026-20981

Improper input validation in FacAtFunction prior to SMR Feb-2026 Release 1 allows privileged physical attacker to execute arbitrary command with system privilege.

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 16.0
CVE-2026-20982

Path traversal in ShortcutService prior to SMR Feb-2026 Release 1 allows privileged local attacker to create file with system privilege.

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
samsung android 16.0
CVE-2026-20983

Improper export of android application components in Samsung Dialer prior to SMR Feb-2026 Release 1 allows local attackers to launch arbitrary activity with Samsung Dialer privilege.

Products Affected

Vendor Product Version
samsung android 14.0
samsung android 15.0
CVE-2026-20985

Improper input validation in Samsung Members prior to version 5.6.00.11 allows remote attackers to connect arbitrary URL and launch arbitrary activity with Samsung Members privilege. User interaction is required for triggering this vulnerability.

Products Affected

Vendor Product Version
samsung members *
CVE-2026-20986

Path traversal in Samsung Members prior to Chinese version 15.5.05.4 allows local attackers to overwrite data within Samsung Members.

Products Affected

Vendor Product Version
samsung members *
CVE-2026-20993

Improper export of android application components in Samsung Assistant prior to version 9.3.10.7 allows local attacker to access saved information.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung assistant *
CVE-2026-20995

Exposure of sensitive functionality to an unauthorized actor in Smart Switch prior to version 3.7.69.15 allows remote attackers to set a specific configuration.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 3.9 1.4

Products Affected

Vendor Product Version
samsung smart_switch *
CVE-2026-20996

Use of a broken or risky cryptographic algorithm in Smart Switch prior to version 3.7.69.15 allows remote attackers to configure a downgraded scheme for authentication.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 3.9 1.4

Products Affected

Vendor Product Version
samsung smart_switch *
CVE-2026-20997

Improper verification of cryptographic signature in Smart Switch prior to version 3.7.69.15 allows remote attackers to potentially bypass authentication.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
samsung smart_switch *
CVE-2026-20998

Improper authentication in Smart Switch prior to version 3.7.69.15 allows remote attackers to bypass authentication.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
samsung smart_switch *
CVE-2026-20999

Authentication bypass by replay in Smart Switch prior to version 3.7.69.15 allows remote attackers to trigger privileged functions.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 3.9 3.6

Products Affected

Vendor Product Version
samsung smart_switch *
CVE-2026-21000

Improper access control in Galaxy Store prior to version 4.6.03.8 allows local attacker to create file with Galaxy Store privilege.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung galaxy_store *
CVE-2026-21001

Path traversal in Galaxy Store prior to version 4.6.03.8 allows local attacker to create file with Galaxy Store privilege.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung galaxy_store *
CVE-2026-21002

Improper verification of cryptographic signature in Galaxy Store prior to version 4.6.03.8 allows local attacker to install arbitrary application.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N 1.8 3.6

Products Affected

Vendor Product Version
samsung galaxy_store *
CVE-2026-21004

Improper authentication in Smart Switch prior to version 3.7.69.15 allows adjacent attackers to trigger a denial of service.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 2.8 3.6

Products Affected

Vendor Product Version
samsung smart_switch *
CVE-2026-21005

Path traversal in Smart Switch prior to version 3.7.69.15 allows adjacent attackers to overwrite arbitrary files with Smart Switch privilege.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 2.8 3.6

Products Affected

Vendor Product Version
samsung smart_switch *
CVE-2026-25200

A vulnerability in MagicInfo9 Server allows authorized users to upload HTML files without authentication, leading to Stored XSS, which can result in account takeover This issue affects MagicINFO 9 Server: less than 21.1090.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
PSIRT@samsung.com 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
samsung magicinfo_9_server *
CVE-2026-25201

An unauthenticated user can upload arbitrary files to execute remote code, leading to privilege escalation in MagicInfo9 Server. This issue affects MagicINFO 9 Server: less than 21.1090.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
PSIRT@samsung.com 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
samsung magicinfo_9_server *
CVE-2026-25202

The database account and password are hardcoded, allowing login with the account to manipulate the database in MagicInfo9 Server.This issue affects MagicINFO 9 Server: less than 21.1090.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
PSIRT@samsung.com 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
samsung magicinfo_9_server *
CVE-2026-40448

Potential Integer overflow in tensor allocation size calculation could lead to insufficient memory allocation for large tensors in Samsung Open Source ONE. Affected version is prior to commit  1.30.0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
PSIRT@samsung.com 5.3 MEDIUM CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H 1.0 4.2

Products Affected

Vendor Product Version
samsung one *
CVE-2026-40449

Integer overflow in buffer size calculation could result in out of bounds memory access when handling large tensors in Samsung Open Source ONE. Affected version is prior to commit 1.30.0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
PSIRT@samsung.com 6.6 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H 1.8 4.7

Products Affected

Vendor Product Version
samsung one *
CVE-2026-40450

Integer overflow in output tensor copy size calculation in Samsung Open Source ONE could cause incorrect copy length and memory corruption for oversized tensors. Affected version is prior to commit 1.30.0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
PSIRT@samsung.com 6.6 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H 1.8 4.7

Products Affected

Vendor Product Version
samsung one *
CVE-2026-41664

Integer overflow in memory copy size calculation in Samsung Open Source ONE could lead to invalid memory operations with large tensor shapes. Affected version is prior to commit 1.30.0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
PSIRT@samsung.com 6.6 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H 1.8 4.7

Products Affected

Vendor Product Version
samsung one *
CVE-2026-41665

Integer overflow in scratch buffer initialization size calculation in Samsung Open Source ONE cause incorrect memory initialization for large intermediate tensors. Affected version is prior to commit 1.30.0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
PSIRT@samsung.com 6.1 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H 1.8 4.2

Products Affected

Vendor Product Version
samsung one *
CVE-2026-41666

Integer overflow in tensor copy size calculation in Samsung Open Source ONE could lead to out of bounds access during loop state propagation. Affected version is prior to commit 1.30.0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
PSIRT@samsung.com 6.6 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H 1.8 4.7

Products Affected

Vendor Product Version
samsung one *
CVE-2026-41667

Integer overflow in constant tensor data size calculation in Samsung Open Source ONE could cause incorrect buffer sizing for large constant nodes. Affected version is prior to commit 1.30.0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
PSIRT@samsung.com 6.6 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H 1.8 4.7

Products Affected

Vendor Product Version
samsung one *
CVE-2026-6839

Improper validation of STRING tensor offsets could allows malformed string metadata to trigger out of bounds access during constant tensor import in Samsung Open Source ONE Affected version is prior to commit 1.30.0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
PSIRT@samsung.com 6.6 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H 1.8 4.7

Products Affected

Vendor Product Version
samsung one *