CVE-2025-21036 | THREATINT

Description

Improper access control in Samsung Notes prior to version 4.4.30.63 allows local privileged attackers to access exported note files. User interaction is required for triggering this vulnerability.

PUBLISHED Reserved 2024-11-06 | Published 2025-09-03 | Updated 2025-09-03 | Assigner SamsungMobile

MEDIUM: 5.0CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

Problem types

CWE-927: Use of Implicit Intent for Sensitive Communication

Product status

Default status

affected

4.4.30.63

unaffected

References

security.samsungmobile.com/...iceWeb.smsb?year=2025&month=09

cve.org (CVE-2025-21036)

nvd.nist.gov (CVE-2025-21036)

Download JSON