Shodan
Vulnerabilities
Vulnerable Software
Samsung:  Security Vulnerabilities
CVE-2026-20991
Improper privilege management in ThemeManager prior to SMR Mar-2026 Release 1 allows local privileged attackers to reuse trial contents.
CVSS Score
6.7
EPSS Score
0.0
Published
2026-03-16
CVE-2025-62816
An issue was discovered in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480, 2400, 1580, and 2500. Unvalidated VS4L_VERTEXIOC_BOOTUP input leads to a denial of service.
CVSS Score
5.5
EPSS Score
0.0
Published
2026-03-03
CVE-2025-62817
An issue was discovered in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480, 2400, 1580, and 2500. A NULL pointer dereference of session->ncp_hdr_buf in __pilot_parsing_ncp() causes a denial of service.
CVSS Score
7.5
EPSS Score
0.001
Published
2026-03-03
CVE-2025-62814
An issue was discovered in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480, and 2400. A NULL pointer dereference of ft_handle in load_fw_utc_vector() causes a denial of service.
CVSS Score
7.5
EPSS Score
0.001
Published
2026-03-03
CVE-2025-62815
An issue was discovered in Samsung Mobile Processor Exynos 1380, 1480, 2400, 1580, and 2500. A NULL pointer dereference of npu_proto_drv.ast.thread_ref in set_cpu_affinity() causes a denial of service.
CVSS Score
5.5
EPSS Score
0.0
Published
2026-03-03
CVE-2025-66363
An issue was discovered in LBS in Samsung Mobile Processor Exynos 2200. There was no check for memory initialization within DL NAS Transport messages.
CVSS Score
7.5
EPSS Score
0.001
Published
2026-03-03
CVE-2026-20981
Improper input validation in FacAtFunction prior to SMR Feb-2026 Release 1 allows privileged physical attacker to execute arbitrary command with system privilege.
CVSS Score
5.4
EPSS Score
0.0
Published
2026-02-04
CVE-2026-20982
Path traversal in ShortcutService prior to SMR Feb-2026 Release 1 allows privileged local attacker to create file with system privilege.
CVSS Score
6.8
EPSS Score
0.0
Published
2026-02-04
CVE-2026-20983
Improper export of android application components in Samsung Dialer prior to SMR Feb-2026 Release 1 allows local attackers to launch arbitrary activity with Samsung Dialer privilege.
CVSS Score
8.4
EPSS Score
0.0
Published
2026-02-04
CVE-2026-20985
Improper input validation in Samsung Members prior to version 5.6.00.11 allows remote attackers to connect arbitrary URL and launch arbitrary activity with Samsung Members privilege. User interaction is required for triggering this vulnerability.
CVSS Score
7.0
EPSS Score
0.0
Published
2026-02-04


Products
Pricing
Contact Us

Shodan ® - All rights reserved