CVE-2025-20968 | THREATINT

Description

Improper access control in Samsung Gallery prior to version 14.5.10.3 in Global Android 13, 14.5.09.3 in China Android 13, and 15.5.04.5 in Android 14 allows remote attackers to access data and perform internal operations within Samsung Gallery.

PUBLISHED Reserved 2024-11-06 | Published 2025-05-07 | Updated 2025-05-07 | Assigner SamsungMobile

HIGH: 7.2CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N

Problem types

CWE-284 Improper Access Control

Product status

Default status

affected

14.5.10.3 in Global Android 13, 14.5.09.3 in China Android 13, and 15.5.04.5 in Android 14

unaffected

References

security.samsungmobile.com/...iceWeb.smsb?year=2025&month=05

cve.org (CVE-2025-20968)

nvd.nist.gov (CVE-2025-20968)

Download JSON