Samsung: Security Vulnerabilities
Intent redirection in Samsung Experience Service versions 10.8.0.4 in Android P(9.0) below, and 12.2.0.5 in Android Q(10.0) above allows attacker to execute privileged action.
CVSS Score
3.3
EPSS Score
0.0
Published
2021-04-09
Improper access control of certain port in SmartThings prior to version 1.7.63.6 allows remote temporary denial of service.
CVSS Score
4.3
EPSS Score
0.004
Published
2021-04-09
Intent redirection vulnerability in Gallery prior to version 5.4.16.1 allows attacker to execute privileged action.
CVSS Score
4.0
EPSS Score
0.001
Published
2021-04-09
Improper handling of exceptional conditions in Bixby prior to version 3.0.53.02 allows attacker to execute the actions registered by the user.
CVSS Score
5.8
EPSS Score
0.003
Published
2021-04-09
Using unsafe PendingIntent in Samsung Account in versions 10.8.0.4 in Android P(9.0) and below, and 12.1.1.3 in Android Q(10.0) and above allows local attackers to perform unauthorized action without permission via hijacking the PendingIntent.
CVSS Score
5.5
EPSS Score
0.0
Published
2021-04-09
CVE-2021-25369
An improper access control vulnerability in sec_log file prior to SMR MAR-2021 Release 1 exposes sensitive kernel information to userspace.
Known exploited
CVSS Score
6.2
EPSS Score
0.002
Published
2021-03-26
CVE-2021-25370
An incorrect implementation handling file descriptor in dpu driver prior to SMR Mar-2021 Release 1 results in memory corruption leading to kernel panic.
Known exploited
CVSS Score
6.1
EPSS Score
0.002
Published
2021-03-26
CVE-2021-25371
A vulnerability in DSP driver prior to SMR Mar-2021 Release 1 allows attackers load arbitrary ELF libraries inside DSP.
Known exploited
CVSS Score
6.1
EPSS Score
0.009
Published
2021-03-26
CVE-2021-25372
An improper boundary check in DSP driver prior to SMR Mar-2021 Release 1 allows out of bounds memory access.
Known exploited
CVSS Score
6.1
EPSS Score
0.009
Published
2021-03-26
Path Traversal vulnerability in Samsung Notes prior to version 4.2.00.22 allows attackers to access local files without permission.
CVSS Score
3.7
EPSS Score
0.002
Published
2021-03-25