Shodan
Vulnerabilities
Vulnerable Software
Samsung:  Security Vulnerabilities
CVE-2021-25351
Improper Access Control in EmailValidationView in Samsung Account prior to version 10.7.0.7 and 12.1.1.3 allows physically proximate attackers to log out user account on device without user password.
CVSS Score
3.2
EPSS Score
0.0
Published
2021-03-25
CVE-2021-25352
Using PendingIntent with implicit intent in Bixby Voice prior to version 3.0.52.14 allows attackers to execute privileged action by hijacking and modifying the intent.
CVSS Score
5.5
EPSS Score
0.0
Published
2021-03-25
CVE-2021-25353
Using empty PendingIntent in Galaxy Themes prior to version 5.2.00.1215 allows local attackers to read/write private file directories of Galaxy Themes application without permission via hijacking the PendingIntent.
CVSS Score
5.5
EPSS Score
0.0
Published
2021-03-25
CVE-2021-25354
Improper input check in Samsung Internet prior to version 13.2.1.46 allows attackers to launch non-exported activity in Samsung Browser via malicious deeplink.
CVSS Score
3.3
EPSS Score
0.002
Published
2021-03-25
CVE-2021-25355
Using unsafe PendingIntent in Samsung Notes prior to version 4.2.00.22 allows local attackers unauthorized action without permission via hijacking the PendingIntent.
CVSS Score
5.5
EPSS Score
0.0
Published
2021-03-25
CVE-2021-25366
Improper access control in Samsung Internet prior to version 13.2.1.70 allows physically proximate attackers to bypass the secret mode's authentication.
CVSS Score
3.2
EPSS Score
0.001
Published
2021-03-25
CVE-2021-25345
Graphic format mismatch while converting video format in hwcomposer prior to SMR Mar-2021 Release 1 results in kernel panic due to unsupported format.
CVSS Score
4.0
EPSS Score
0.0
Published
2021-03-04
CVE-2021-25348
Improper permission grant check in Samsung Internet prior to version 13.0.1.60 allows access to files in internal storage without authorized STORAGE permission.
CVSS Score
2.1
EPSS Score
0.001
Published
2021-03-04
CVE-2021-25341
Calling of non-existent provider in S Assistant prior to version 6.5.01.22 allows unauthorized actions including denial of service attack by hijacking the provider.
CVSS Score
4.0
EPSS Score
0.001
Published
2021-03-04
CVE-2021-25342
Calling of non-existent provider in SMP sdk prior to version 3.0.9 allows unauthorized actions including denial of service attack by hijacking the provider.
CVSS Score
4.0
EPSS Score
0.001
Published
2021-03-04


Products
Pricing
Contact Us

Shodan ® - All rights reserved