CVE-2025-21019 | THREATINT

Description

Improper authorization in Samsung Health prior to version 6.30.1.003 allows local attackers to access data in Samsung Health. User interaction is required for triggering this vulnerability.

PUBLISHED Reserved 2024-11-06 | Published 2025-08-06 | Updated 2025-08-06 | Assigner SamsungMobile

MEDIUM: 5.5CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Problem types

CWE-285: Improper Authorization

Product status

Default status

affected

6.30.1.003

unaffected

References

security.samsungmobile.com/...iceWeb.smsb?year=2025&month=08

cve.org (CVE-2025-21019)

nvd.nist.gov (CVE-2025-21019)

Download JSON