CVE-2025-21037 | THREATINT

Description

Improper access control in Samsung Notes prior to version 4.4.30.63 allows physical attackers to access data across multiple user profiles. User interaction is required for triggering this vulnerability.

PUBLISHED Reserved 2024-11-06 | Published 2025-09-03 | Updated 2025-09-03 | Assigner SamsungMobile

MEDIUM: 4.1CVSS:3.1/AV:P/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

Problem types

CWE-284: Improper Access Control

Product status

Default status

affected

4.4.30.63

unaffected

References

security.samsungmobile.com/...iceWeb.smsb?year=2025&month=09

cve.org (CVE-2025-21037)

nvd.nist.gov (CVE-2025-21037)

Download JSON