CVE-2021-25333

Summary

Improper access control in Samsung Pay mini application prior to v4.0.14 allows unauthorized access to balance information over the lockscreen via scanning specific QR code.

Affected Software

VendorProductVersion RangeStatus
Samsung MobileSamsung Pay Miniunspecified < 4.0.14affected

Weaknesses

  • CWE-200: CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

ADP Enrichment

CVE Program Container

Additional References

References