WID-SEC-W-2025-0726
Vulnerability from csaf_certbund - Published: 2025-04-07 22:00 - Updated: 2025-11-09 23:00
Summary
Samsung Android: Multiple vulnerabilities
Severity
Critical
Notes
The BSI, as provider, is responsible under general law for its own content made available for use. Users are, however, responsible for carefully checking, in each individual case, the use and/or implementation of the information provided with the content.
Product description: The Android operating system is an open-source platform for mobile devices. It is based on the Linux kernel.
Attack: An attacker can exploit multiple vulnerabilities in Samsung Android to escalate privileges, bypass security measures, manipulate data, disclose confidential information, execute arbitrary code, or cause a denial-of-service condition.
Affected operating systems: Android
References
{
"document": {
"aggregate_severity": {
"text": "kritisch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Das Android Betriebssystem ist eine quelloffene Plattform f\u00fcr mobile Ger\u00e4te. Die Basis bildet der Linux-Kernel.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in Samsung Android ausnutzen, um seine Privilegien zu erh\u00f6hen, Sicherheitsma\u00dfnahmen zu umgehen, Daten zu manipulieren, vertrauliche Informationen preiszugeben, beliebigen Code auszuf\u00fchren oder einen Denial-of-Service-Zustand zu verursachen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Android",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-0726 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0726.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-0726 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0726"
},
{
"category": "external",
"summary": "Samsung Security Update vom 2025-04-07",
"url": "https://security.samsungmobile.com/securityUpdate.smsb"
},
{
"category": "external",
"summary": "Paloalto Research vom 2025-11-09",
"url": "https://unit42.paloaltonetworks.com/landfall-is-new-commercial-grade-android-spyware/"
}
],
"source_lang": "en-US",
"title": "Samsung Android: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-11-09T23:00:00.000+00:00",
"generator": {
"date": "2025-11-10T12:07:20.825+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2025-0726",
"initial_release_date": "2025-04-07T22:00:00.000+00:00",
"revision_history": [
{
"date": "2025-04-07T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-11-09T23:00:00.000+00:00",
"number": "2",
"summary": "Aktive Ausnutzung gemeldet"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "14 \u003cSMR Apr-2025",
"product": {
"name": "Samsung Android 14 \u003cSMR Apr-2025",
"product_id": "T042443"
}
},
{
"category": "product_version",
"name": "14 SMR Apr-2025",
"product": {
"name": "Samsung Android 14 SMR Apr-2025",
"product_id": "T042443-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:samsung:android:14__smr_apr-2025"
}
}
},
{
"category": "product_version_range",
"name": "13 \u003cSMR Apr-2025",
"product": {
"name": "Samsung Android 13 \u003cSMR Apr-2025",
"product_id": "T042444"
}
},
{
"category": "product_version",
"name": "13 SMR Apr-2025",
"product": {
"name": "Samsung Android 13 SMR Apr-2025",
"product_id": "T042444-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:samsung:android:13__smr_apr-2025"
}
}
},
{
"category": "product_version_range",
"name": "15 \u003cSMR Apr-2025",
"product": {
"name": "Samsung Android 15 \u003cSMR Apr-2025",
"product_id": "T042445"
}
},
{
"category": "product_version",
"name": "15 SMR Apr-2025",
"product": {
"name": "Samsung Android 15 SMR Apr-2025",
"product_id": "T042445-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:samsung:android:15__smr_apr-2025"
}
}
},
{
"category": "product_version_range",
"name": "Watch 14 \u003cSMR Apr-2025",
"product": {
"name": "Samsung Android Watch 14 \u003cSMR Apr-2025",
"product_id": "T042446"
}
},
{
"category": "product_version",
"name": "Watch 14 SMR Apr-2025",
"product": {
"name": "Samsung Android Watch 14 SMR Apr-2025",
"product_id": "T042446-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:samsung:android:watch_14__smr_apr-2025"
}
}
}
],
"category": "product_name",
"name": "Android"
}
],
"category": "vendor",
"name": "Samsung"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-20934",
"product_status": {
"known_affected": [
"T042443",
"T042444",
"T042445",
"T042446"
]
},
"release_date": "2025-04-07T22:00:00.000+00:00",
"title": "CVE-2025-20934"
},
{
"cve": "CVE-2025-20935",
"product_status": {
"known_affected": [
"T042443",
"T042444",
"T042445",
"T042446"
]
},
"release_date": "2025-04-07T22:00:00.000+00:00",
"title": "CVE-2025-20935"
},
{
"cve": "CVE-2025-20936",
"product_status": {
"known_affected": [
"T042443",
"T042444",
"T042445",
"T042446"
]
},
"release_date": "2025-04-07T22:00:00.000+00:00",
"title": "CVE-2025-20936"
},
{
"cve": "CVE-2025-20938",
"product_status": {
"known_affected": [
"T042443",
"T042444",
"T042445",
"T042446"
]
},
"release_date": "2025-04-07T22:00:00.000+00:00",
"title": "CVE-2025-20938"
},
{
"cve": "CVE-2025-20939",
"product_status": {
"known_affected": [
"T042443",
"T042444",
"T042445",
"T042446"
]
},
"release_date": "2025-04-07T22:00:00.000+00:00",
"title": "CVE-2025-20939"
},
{
"cve": "CVE-2025-20940",
"product_status": {
"known_affected": [
"T042443",
"T042444",
"T042445",
"T042446"
]
},
"release_date": "2025-04-07T22:00:00.000+00:00",
"title": "CVE-2025-20940"
},
{
"cve": "CVE-2025-20941",
"product_status": {
"known_affected": [
"T042443",
"T042444",
"T042445",
"T042446"
]
},
"release_date": "2025-04-07T22:00:00.000+00:00",
"title": "CVE-2025-20941"
},
{
"cve": "CVE-2025-20942",
"product_status": {
"known_affected": [
"T042443",
"T042444",
"T042445",
"T042446"
]
},
"release_date": "2025-04-07T22:00:00.000+00:00",
"title": "CVE-2025-20942"
},
{
"cve": "CVE-2025-20943",
"product_status": {
"known_affected": [
"T042443",
"T042444",
"T042445",
"T042446"
]
},
"release_date": "2025-04-07T22:00:00.000+00:00",
"title": "CVE-2025-20943"
},
{
"cve": "CVE-2025-20944",
"product_status": {
"known_affected": [
"T042443",
"T042444",
"T042445",
"T042446"
]
},
"release_date": "2025-04-07T22:00:00.000+00:00",
"title": "CVE-2025-20944"
},
{
"cve": "CVE-2025-20945",
"product_status": {
"known_affected": [
"T042443",
"T042444",
"T042445",
"T042446"
]
},
"release_date": "2025-04-07T22:00:00.000+00:00",
"title": "CVE-2025-20945"
},
{
"cve": "CVE-2025-20946",
"product_status": {
"known_affected": [
"T042443",
"T042444",
"T042445",
"T042446"
]
},
"release_date": "2025-04-07T22:00:00.000+00:00",
"title": "CVE-2025-20946"
},
{
"cve": "CVE-2025-20947",
"product_status": {
"known_affected": [
"T042443",
"T042444",
"T042445",
"T042446"
]
},
"release_date": "2025-04-07T22:00:00.000+00:00",
"title": "CVE-2025-20947"
},
{
"cve": "CVE-2025-20948",
"product_status": {
"known_affected": [
"T042443",
"T042444",
"T042445",
"T042446"
]
},
"release_date": "2025-04-07T22:00:00.000+00:00",
"title": "CVE-2025-20948"
},
{
"cve": "CVE-2025-20952",
"product_status": {
"known_affected": [
"T042443",
"T042444",
"T042445",
"T042446"
]
},
"release_date": "2025-04-07T22:00:00.000+00:00",
"title": "CVE-2025-20952"
},
{
"cve": "CVE-2025-21042",
"product_status": {
"known_affected": [
"T042443",
"T042444",
"T042445",
"T042446"
]
},
"release_date": "2025-04-07T22:00:00.000+00:00",
"title": "CVE-2025-21042"
}
]
}
CVE-2025-21042 (GCVE-0-2025-21042)
Vulnerability from cvelistv5 – Published: 2025-09-12 07:21 – Updated: 2026-02-26 17:48
Summary
Out-of-bounds write in libimagecodec.quram.so prior to SMR Apr-2025 Release 1 allows remote attackers to execute arbitrary code.
Severity
8.8 (High)
Assigner
References
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Samsung Mobile | Samsung Mobile Devices | Unaffected: SMR Apr-2025 Release in Android 13, 14, 15 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-21042",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-11T04:55:33.177810Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2025-11-10",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-21042"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T17:48:40.023Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-21042"
},
{
"url": "https://unit42.paloaltonetworks.com/landfall-is-new-commercial-grade-android-spyware/"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-11-10T00:00:00.000Z",
"value": "CVE-2025-21042 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Mobile Devices",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "SMR Apr-2025 Release in Android 13, 14, 15"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds write in libimagecodec.quram.so prior to SMR Apr-2025 Release 1 allows remote attackers to execute arbitrary code."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-787 Out-of-bounds Write",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-12T07:21:49.997Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "SamsungMobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2025\u0026month=04"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "SamsungMobile",
"cveId": "CVE-2025-21042",
"datePublished": "2025-09-12T07:21:49.997Z",
"dateReserved": "2024-11-06T02:30:14.888Z",
"dateUpdated": "2026-02-26T17:48:40.023Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-20935 (GCVE-0-2025-20935)
Vulnerability from cvelistv5 – Published: 2025-04-08 04:39 – Updated: 2025-04-08 14:51
Summary
Improper handling of insufficient permission or privileges in ClipboardService prior to SMR Apr-2025 Release 1 allows local attackers to access files with system privilege. User interaction is required for triggering this vulnerability.
Severity
5.5 (Medium)
CWE
- CWE-280 - Improper Handling of Insufficient Permissions or Privileges
Assigner
References
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Samsung Mobile | Samsung Mobile Devices | Unaffected: SMR Apr-2025 Release in Android 13, 14, 15 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20935",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-08T13:18:20.875542Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-08T14:51:43.308Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Mobile Devices",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "SMR Apr-2025 Release in Android 13, 14, 15"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper handling of insufficient permission or privileges in ClipboardService prior to SMR Apr-2025 Release 1 allows local attackers to access files with system privilege. User interaction is required for triggering this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-280: Improper Handling of Insufficient Permissions or Privileges",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-08T04:39:48.668Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "SamsungMobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2025\u0026month=04"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "SamsungMobile",
"cveId": "CVE-2025-20935",
"datePublished": "2025-04-08T04:39:48.668Z",
"dateReserved": "2024-11-06T02:30:14.855Z",
"dateUpdated": "2025-04-08T14:51:43.308Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20938 (GCVE-0-2025-20938)
Vulnerability from cvelistv5 – Published: 2025-04-08 04:39 – Updated: 2025-04-08 14:51
Summary
Improper access control in SamsungContacts prior to SMR Apr-2025 Release 1 allows local attackers to access protected data in SamsungContacts.
Severity
5.5 (Medium)
Assigner
References
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Samsung Mobile | Samsung Mobile Devices | Unaffected: SMR Apr-2025 Release in Android 14 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20938",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-08T13:17:53.027343Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-08T14:51:22.667Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Mobile Devices",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "SMR Apr-2025 Release in Android 14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper access control in SamsungContacts prior to SMR Apr-2025 Release 1 allows local attackers to access protected data in SamsungContacts."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-284 Improper Access Control",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-08T04:39:51.601Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "SamsungMobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2025\u0026month=04"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "SamsungMobile",
"cveId": "CVE-2025-20938",
"datePublished": "2025-04-08T04:39:51.601Z",
"dateReserved": "2024-11-06T02:30:14.856Z",
"dateUpdated": "2025-04-08T14:51:22.667Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20940 (GCVE-0-2025-20940)
Vulnerability from cvelistv5 – Published: 2025-04-08 04:39 – Updated: 2025-04-08 18:23
Summary
Improper handling of insufficient permission in Samsung Device Health Manager Service prior to SMR Apr-2025 Release 1 allows local attackers to access provider in SDMHS.
Severity
4 (Medium)
CWE
- CWE-287 - Improper Authentication
Assigner
References
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Samsung Mobile | Samsung Mobile Devices | Unaffected: SMR Apr-2025 Release in Android Watch 14 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20940",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-08T15:44:42.925590Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-08T18:23:49.927Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Mobile Devices",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "SMR Apr-2025 Release in Android Watch 14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper handling of insufficient permission in Samsung Device Health Manager Service prior to SMR Apr-2025 Release 1 allows local attackers to access provider in SDMHS."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-287: Improper Authentication",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-08T04:39:54.112Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "SamsungMobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2025\u0026month=04"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "SamsungMobile",
"cveId": "CVE-2025-20940",
"datePublished": "2025-04-08T04:39:54.112Z",
"dateReserved": "2024-11-06T02:30:14.857Z",
"dateUpdated": "2025-04-08T18:23:49.927Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20942 (GCVE-0-2025-20942)
Vulnerability from cvelistv5 – Published: 2025-04-08 04:39 – Updated: 2025-04-08 18:23
Summary
Improper Verification of Intent by Broadcast Receiver in DeviceIdService prior to SMR Apr-2025 Release 1 allows local attackers to reset OAID.
Severity
4.4 (Medium)
CWE
- CWE-925 - Improper Verification of Intent by Broadcast Receiver
Assigner
References
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Samsung Mobile | Samsung Mobile Devices | Unaffected: SMR Apr-2025 Release in Select Android 13, 14, 15 devices |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20942",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-08T15:44:32.398374Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-08T18:23:32.614Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Mobile Devices",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "SMR Apr-2025 Release in Select Android 13, 14, 15 devices"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper Verification of Intent by Broadcast Receiver in DeviceIdService prior to SMR Apr-2025 Release 1 allows local attackers to reset OAID."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-925: Improper Verification of Intent by Broadcast Receiver",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-08T04:39:56.536Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "SamsungMobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2025\u0026month=04"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "SamsungMobile",
"cveId": "CVE-2025-20942",
"datePublished": "2025-04-08T04:39:56.536Z",
"dateReserved": "2024-11-06T02:30:14.857Z",
"dateUpdated": "2025-04-08T18:23:32.614Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20943 (GCVE-0-2025-20943)
Vulnerability from cvelistv5 – Published: 2025-04-08 04:39 – Updated: 2025-04-08 18:23
Summary
Out-of-bounds write in secfr trustlet prior to SMR Apr-2025 Release 1 allows local privileged attackers to cause memory corruption.
Severity
6.4 (Medium)
Assigner
References
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Samsung Mobile | Samsung Mobile Devices | Unaffected: SMR Apr-2025 Release in Android 13, 14, 15 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20943",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-08T15:44:27.178844Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-08T18:23:25.756Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Mobile Devices",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "SMR Apr-2025 Release in Android 13, 14, 15"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds write in secfr trustlet prior to SMR Apr-2025 Release 1 allows local privileged attackers to cause memory corruption."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-787 Out-of-bounds Write",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-08T04:39:58.167Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "SamsungMobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2025\u0026month=04"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "SamsungMobile",
"cveId": "CVE-2025-20943",
"datePublished": "2025-04-08T04:39:58.167Z",
"dateReserved": "2024-11-06T02:30:14.857Z",
"dateUpdated": "2025-04-08T18:23:25.756Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20944 (GCVE-0-2025-20944)
Vulnerability from cvelistv5 – Published: 2025-04-08 04:39 – Updated: 2025-04-08 15:31
Summary
Out-of-bounds read in parsing audio data in libsavsac.so prior to SMR Apr-2025 Release 1 allows local attackers to read out-of-bounds memory.
Severity
6.2 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Samsung Mobile | Samsung Mobile Devices | Unaffected: SMR Apr-2025 Release in Android 13, 14, 15 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20944",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-08T15:13:56.738787Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-08T15:31:05.498Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Mobile Devices",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "SMR Apr-2025 Release in Android 13, 14, 15"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds read in parsing audio data in libsavsac.so prior to SMR Apr-2025 Release 1 allows local attackers to read out-of-bounds memory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-125: Out-of-bounds Read",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-08T04:39:59.420Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "SamsungMobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2025\u0026month=04"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "SamsungMobile",
"cveId": "CVE-2025-20944",
"datePublished": "2025-04-08T04:39:59.420Z",
"dateReserved": "2024-11-06T02:30:14.858Z",
"dateUpdated": "2025-04-08T15:31:05.498Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20946 (GCVE-0-2025-20946)
Vulnerability from cvelistv5 – Published: 2025-04-08 04:50 – Updated: 2026-02-26 18:28
Summary
Improper handling of exceptional conditions in pairing specific bluetooth devices in Galaxy Watch Bluetooth pairing prior to SMR Apr-2025 Release 1 allows local attackers to pair with specific bluetooth devices without user interaction.
Severity
8.8 (High)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Samsung Mobile | Samsung Mobile Devices | Unaffected: SMR Apr-2025 Release in Android Watch 14 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20946",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-09T04:00:29.239886Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T18:28:44.680Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Mobile Devices",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "SMR Apr-2025 Release in Android Watch 14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper handling of exceptional conditions in pairing specific bluetooth devices in Galaxy Watch Bluetooth pairing prior to SMR Apr-2025 Release 1 allows local attackers to pair with specific bluetooth devices without user interaction."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-269: Improper Privilege Management",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-08T04:50:11.304Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "SamsungMobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2025\u0026month=04"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "SamsungMobile",
"cveId": "CVE-2025-20946",
"datePublished": "2025-04-08T04:50:11.304Z",
"dateReserved": "2024-11-06T02:30:14.863Z",
"dateUpdated": "2026-02-26T18:28:44.680Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-20945 (GCVE-0-2025-20945)
Vulnerability from cvelistv5 – Published: 2025-04-08 04:40 – Updated: 2025-04-08 15:30
Summary
Improper access control in Galaxy Watch prior to SMR Apr-2025 Release 1 allows local attackers to access sensitive information of Galaxy watch.
Severity
4 (Medium)
CWE
- CWE-284 - Improper Access Control
Assigner
References
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Samsung Mobile | Samsung Mobile Devices | Unaffected: SMR Apr-2025 Release in Android Watch 14 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20945",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-08T15:13:03.815036Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-08T15:30:54.434Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Mobile Devices",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "SMR Apr-2025 Release in Android Watch 14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper access control in Galaxy Watch prior to SMR Apr-2025 Release 1 allows local attackers to access sensitive information of Galaxy watch."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-284: Improper Access Control",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-08T04:40:00.610Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "SamsungMobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2025\u0026month=04"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "SamsungMobile",
"cveId": "CVE-2025-20945",
"datePublished": "2025-04-08T04:40:00.610Z",
"dateReserved": "2024-11-06T02:30:14.858Z",
"dateUpdated": "2025-04-08T15:30:54.434Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20952 (GCVE-0-2025-20952)
Vulnerability from cvelistv5 – Published: 2025-04-09 07:35 – Updated: 2025-04-09 17:33
Summary
Improper access control in Mdecservice prior to SMR Apr-2025 Release 1 allows local attackers to access arbitrary files with system privilege.
Severity
5.5 (Medium)
CWE
- CWE-926 - Improper Export of Android Application Components
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Samsung Mobile | Samsung Mobile Devices | Unaffected: SMR Apr-2025 Release in Android 15 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20952",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-09T17:32:07.126793Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-09T17:33:36.593Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Mobile Devices",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "SMR Apr-2025 Release in Android 15"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper access control in Mdecservice prior to SMR Apr-2025 Release 1 allows local attackers to access arbitrary files with system privilege."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-926 : Improper Export of Android Application Components",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-09T07:35:41.949Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "SamsungMobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2025\u0026month=04"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "SamsungMobile",
"cveId": "CVE-2025-20952",
"datePublished": "2025-04-09T07:35:41.949Z",
"dateReserved": "2024-11-06T02:30:14.864Z",
"dateUpdated": "2025-04-09T17:33:36.593Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20941 (GCVE-0-2025-20941)
Vulnerability from cvelistv5 – Published: 2025-04-08 04:39 – Updated: 2025-04-08 18:23
Summary
Improper access control in InputManager to SMR Apr-2025 Release 1 allows local attackers to access the scancode of specific input device.
Severity
6.2 (Medium)
CWE
- CWE-284 - Improper Access Control
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Samsung Mobile | Samsung Mobile Devices | Unaffected: SMR Apr-2025 Release in Android 13, 14, 15 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20941",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-08T15:44:37.912258Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-08T18:23:40.167Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Mobile Devices",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "SMR Apr-2025 Release in Android 13, 14, 15"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper access control in InputManager to SMR Apr-2025 Release 1 allows local attackers to access the scancode of specific input device."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-284: Improper Access Control",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-08T04:39:55.352Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "SamsungMobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2025\u0026month=04"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "SamsungMobile",
"cveId": "CVE-2025-20941",
"datePublished": "2025-04-08T04:39:55.352Z",
"dateReserved": "2024-11-06T02:30:14.857Z",
"dateUpdated": "2025-04-08T18:23:40.167Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20947 (GCVE-0-2025-20947)
Vulnerability from cvelistv5 – Published: 2025-04-08 04:40 – Updated: 2025-04-08 15:30
Summary
Improper handling of insufficient permission or privileges in ClipboardService prior to SMR Apr-2025 Release 1 allows local attackers to access image files across multiple users. User interaction is required for triggering this vulnerability.
Severity
5.5 (Medium)
CWE
- CWE-280 - Improper Handling of Insufficient Permissions or Privileges
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Samsung Mobile | Samsung Mobile Devices | Unaffected: SMR Apr-2025 Release in Android 13, 14, 15 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20947",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-08T15:12:57.234895Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-08T15:30:43.765Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Mobile Devices",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "SMR Apr-2025 Release in Android 13, 14, 15"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper handling of insufficient permission or privileges in ClipboardService prior to SMR Apr-2025 Release 1 allows local attackers to access image files across multiple users. User interaction is required for triggering this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-280: Improper Handling of Insufficient Permissions or Privileges",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-08T04:40:01.908Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "SamsungMobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2025\u0026month=04"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "SamsungMobile",
"cveId": "CVE-2025-20947",
"datePublished": "2025-04-08T04:40:01.908Z",
"dateReserved": "2024-11-06T02:30:14.863Z",
"dateUpdated": "2025-04-08T15:30:43.765Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20934 (GCVE-0-2025-20934)
Vulnerability from cvelistv5 – Published: 2025-04-08 04:39 – Updated: 2025-04-08 14:18
Summary
Improper access control in Sticker Center prior to SMR Apr-2025 Release 1 allows local attackers to access image files with system privilege.
Severity
5.5 (Medium)
CWE
- CWE-926 - Improper Export of Android Application Components
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Samsung Mobile | Samsung Mobile Devices | Unaffected: SMR Apr-2025 Release in Android 14 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20934",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-08T14:17:51.532541Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-926",
"description": "CWE-926 Improper Export of Android Application Components",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-08T14:18:36.146Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Mobile Devices",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "SMR Apr-2025 Release in Android 14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper access control in Sticker Center prior to SMR Apr-2025 Release 1 allows local attackers to access image files with system privilege."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-926 : Improper Export of Android Application Components",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-08T04:39:47.415Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "SamsungMobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2025\u0026month=04"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "SamsungMobile",
"cveId": "CVE-2025-20934",
"datePublished": "2025-04-08T04:39:47.415Z",
"dateReserved": "2024-11-06T02:30:14.855Z",
"dateUpdated": "2025-04-08T14:18:36.146Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20948 (GCVE-0-2025-20948)
Vulnerability from cvelistv5 – Published: 2025-04-08 04:40 – Updated: 2025-04-08 15:30
Summary
Out-of-bounds read in enrollment with cdsp frame secfr trustlet prior to SMR Apr-2025 Release 1 allows local privileged attackers to read out-of-bounds memory.
Severity
5.5 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Samsung Mobile | Samsung Mobile Devices | Unaffected: SMR Apr-2025 Release in Android 13, 14, 15 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20948",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-08T15:12:51.642538Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-08T15:30:30.928Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Mobile Devices",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "SMR Apr-2025 Release in Android 13, 14, 15"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds read in enrollment with cdsp frame secfr trustlet prior to SMR Apr-2025 Release 1 allows local privileged attackers to read out-of-bounds memory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-125: Out-of-bounds Read",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-08T04:40:03.518Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "SamsungMobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2025\u0026month=04"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "SamsungMobile",
"cveId": "CVE-2025-20948",
"datePublished": "2025-04-08T04:40:03.518Z",
"dateReserved": "2024-11-06T02:30:14.863Z",
"dateUpdated": "2025-04-08T15:30:30.928Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20939 (GCVE-0-2025-20939)
Vulnerability from cvelistv5 – Published: 2025-04-08 04:49 – Updated: 2025-04-08 14:51
Summary
Improper authorization in wireless download protocol in Galaxy Watch prior to SMR Apr-2025 Release 1 allows physical attackers to update device unique identifier of Watch devices.
Severity
5.4 (Medium)
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Samsung Mobile | Samsung Mobile Devices | Unaffected: SMR Apr-2025 Release in Android Watch 14 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20939",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-08T13:15:47.366365Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-08T14:51:15.611Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Mobile Devices",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "SMR Apr-2025 Release in Android Watch 14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper authorization in wireless download protocol in Galaxy Watch prior to SMR Apr-2025 Release 1 allows physical attackers to update device unique identifier of Watch devices."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-347 Improper Verification of Cryptographic Signature",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-08T04:49:41.297Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "SamsungMobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2025\u0026month=04"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "SamsungMobile",
"cveId": "CVE-2025-20939",
"datePublished": "2025-04-08T04:49:41.297Z",
"dateReserved": "2024-11-06T02:30:14.856Z",
"dateUpdated": "2025-04-08T14:51:15.611Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20936 (GCVE-0-2025-20936)
Vulnerability from cvelistv5 – Published: 2025-04-08 04:39 – Updated: 2026-02-26 18:28
Summary
Improper access control in HDCP trustlet prior to SMR Apr-2025 Release 1 allows local attackers with shell privilege to escalate their privileges to root.
Severity
8.8 (High)
CWE
- CWE-285 - Improper Authorization
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Samsung Mobile | Samsung Mobile Devices | Unaffected: SMR Apr-2025 Release in Select Android 13, 14, 15 devices |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20936",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-09T04:00:30.649528Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T18:28:45.193Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Mobile Devices",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "SMR Apr-2025 Release in Select Android 13, 14, 15 devices"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper access control in HDCP trustlet prior to SMR Apr-2025 Release 1 allows local attackers with shell privilege to escalate their privileges to root."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-285: Improper Authorization",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-08T04:39:49.851Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "SamsungMobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2025\u0026month=04"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "SamsungMobile",
"cveId": "CVE-2025-20936",
"datePublished": "2025-04-08T04:39:49.851Z",
"dateReserved": "2024-11-06T02:30:14.855Z",
"dateUpdated": "2026-02-26T18:28:45.193Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Sightings
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.