CVE-2025-20926 | THREATINT

Description

Improper export of Android application components in My Files prior to version 15.0.07.5 in Android 14 allows local attackers to access files with My Files' privilege.

PUBLISHED Reserved 2024-11-06 | Published 2025-03-06 | Updated 2025-03-06 | Assigner SamsungMobile

MEDIUM: 5.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Problem types

CWE-926 : Improper Export of Android Application Components

Product status

Default status

affected

15.0.07.5

unaffected

References

security.samsungmobile.com/...iceWeb.smsb?year=2025&month=03

cve.org (CVE-2025-20926)

nvd.nist.gov (CVE-2025-20926)

Download JSON