CVE-2025-21076 | THREATINT

Description

Improper handling of insufficient permissions or privileges in Samsung Account prior to version 15.5.00.18 allows local attackers to access data in Samsung Account. User interaction is required for triggering this vulnerability.

PUBLISHED Reserved 2024-11-06 | Published 2025-11-05 | Updated 2025-11-07 | Assigner SamsungMobile

MEDIUM: 5.5CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Problem types

CWE-280: Improper Handling of Insufficient Permissions or Privileges

Product status

Default status

affected

15.5.00.18

unaffected

References

security.samsungmobile.com/...iceWeb.smsb?year=2025&month=11

cve.org (CVE-2025-21076)

nvd.nist.gov (CVE-2025-21076)

Download JSON