CVE-2025-20969 | THREATINT

Description

Improper input validation in Samsung Gallery prior to version 14.5.10.3 in Global Android 13, 14.5.09.3 in China Android 13, and 15.5.04.5 in Android 14 allows local attackers to access data within Samsung Gallery.

PUBLISHED Reserved 2024-11-06 | Published 2025-05-07 | Updated 2025-05-07 | Assigner SamsungMobile

MEDIUM: 5.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Problem types

CWE-20: Improper Input Validation

Product status

Default status

affected

14.5.10.3 in Global Android 13, 14.5.09.3 in China Android 13, and 15.5.04.5 in Android 14

unaffected

References

security.samsungmobile.com/...iceWeb.smsb?year=2025&month=05

cve.org (CVE-2025-20969)

nvd.nist.gov (CVE-2025-20969)

Download JSON