CVE-2025-21060 | THREATINT

Description

Cleartext storage of sensitive information in Smart Switch prior to version 3.7.67.2 allows local attackers to access backup data from applications. User interaction is required for triggering this vulnerability.

PUBLISHED Reserved 2024-11-06 | Published 2025-10-10 | Updated 2025-10-10 | Assigner SamsungMobile

MEDIUM: 5.5CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Problem types

CWE-312 Cleartext Storage of Sensitive Information

Product status

Default status

affected

3.7.67.2

unaffected

References

security.samsungmobile.com/...iceWeb.smsb?year=2025&month=10

cve.org (CVE-2025-21060)

nvd.nist.gov (CVE-2025-21060)

Download JSON