CVE-2025-20902

Description

Improper access control in Media Controller prior to version 1.0.24.5282 allows local attacker to launch activities in MediaController's privilege.

PUBLISHED Reserved 2024-11-06 | Published 2025-02-04 | Updated 2025-02-04 | Assigner SamsungMobile

Problem types

CWE-926 : Improper Export of Android Application Components

Product status

References

security.samsungmobile.com/...iceWeb.smsb?year=2025&month=01

cve.org (CVE-2025-20902)

nvd.nist.gov (CVE-2025-20902)

Download JSON