CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-25356

An improper caller check vulnerability in Managed Provisioning prior to SMR APR-2021 Release 1 allows unprivileged application to install arbitrary application, grant device admin permission and then delete several installed application.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 32.0%

CVSS Severity

CVSS v3 Score 7.1

CVSS v2 Score 7.2

References

https://blog.oversecured.com/Two-weeks-of-securing-Samsung-devices-Part-1/
https://security.samsungmobile.com/
https://security.samsungmobile.com/securityUpdate.smsb
https://blog.oversecured.com/Two-weeks-of-securing-Samsung-devices-Part-1/
https://security.samsungmobile.com/
https://security.samsungmobile.com/securityUpdate.smsb

Products affected by CVE-2021-25356

Google » Android » Version: 10.0

cpe:2.3:o:google:android:10.0
Google » Android » Version: 11.0

cpe:2.3:o:google:android:11.0
Google » Android » Version: 8.1

cpe:2.3:o:google:android:8.1
Google » Android » Version: 9.0

cpe:2.3:o:google:android:9.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-25356

Products

Pricing

Contact Us