CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-21035

Improper access control in Samsung Calendar prior to version 12.5.06.5 in Android 14 and 12.6.01.12 in Android 15 allows physical attackers to access data across multiple user profiles.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 10.8%

CVSS Severity

CVSS v3 Score 4.6

References

https://security.samsungmobile.com/serviceWeb.smsb?year=2025&month=09

Products affected by CVE-2025-21035

Samsung » Calendar » Version: N/A

cpe:2.3:a:samsung:calendar:-
Samsung » Calendar » Version: 11.6.08.0

cpe:2.3:a:samsung:calendar:11.6.08.0
Samsung » Calendar » Version: 12.2.11.3000

cpe:2.3:a:samsung:calendar:12.2.11.3000
Samsung » Calendar » Version: 12.3.05.10000

cpe:2.3:a:samsung:calendar:12.3.05.10000
Samsung » Calendar » Version: 12.3.07.2000

cpe:2.3:a:samsung:calendar:12.3.07.2000
Samsung » Calendar » Version: 12.4.02.0

cpe:2.3:a:samsung:calendar:12.4.02.0
Samsung » Calendar » Version: 12.5.06.5

cpe:2.3:a:samsung:calendar:12.5.06.5
Google » Android » Version: 14.0

cpe:2.3:o:google:android:14.0
Google » Android » Version: 15.0

cpe:2.3:o:google:android:15.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-21035

Products

Pricing

Contact Us