CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-25369

An improper access control vulnerability in sec_log file prior to SMR MAR-2021 Release 1 exposes sensitive kernel information to userspace.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 44.1%

CVSS Severity

CVSS v3 Score 6.2

CVSS v2 Score 2.1

Proposed Action

Samsung mobile devices using Mali GPU contains an improper access control vulnerability in sec_log file. Exploitation of the vulnerability exposes sensitive kernel information to the userspace. This vulnerability was chained with CVE-2021-25337 and CVE-2021-25370.

Ransomware Campaign

Unknown

References

https://security.samsungmobile.com
https://security.samsungmobile.com/securityUpdate.smsb
https://security.samsungmobile.com
https://security.samsungmobile.com/securityUpdate.smsb

Products affected by CVE-2021-25369

Samsung » Android » Version: 10.0

cpe:2.3:o:samsung:android:10.0
Samsung » Android » Version: 8.0

cpe:2.3:o:samsung:android:8.0
Samsung » Android » Version: 8.1

cpe:2.3:o:samsung:android:8.1
Samsung » Android » Version: 9.0

cpe:2.3:o:samsung:android:9.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-25369

Products

Pricing

Contact Us