CVE-2021-25330

Summary

Calling of non-existent provider in MobileWips application prior to SMR Feb-2021 Release 1 allows unauthorized actions including denial of service attack by hijacking the provider.

Affected Software

VendorProductVersion RangeStatus
n/aSamsung Mobile DevicesSelected Q(10.0) prior to SMR Feb-2021 Release 1affected

Weaknesses

  • Improper Control of Generation of Code ('Code Injection')

ADP Enrichment

CVE Program Container

Additional References

References