CVE-2021-25351

Summary

Improper Access Control in EmailValidationView in Samsung Account prior to version 10.7.0.7 and 12.1.1.3 allows physically proximate attackers to log out user account on device without user password.

Affected Software

VendorProductVersion RangeStatus
Samsung MobileSamsung AccountAndroid P(9.0) and below < 10.7.07affected
Samsung MobileSamsung AccountAndroid Q(10.0) < 12.1.1.3affected

Weaknesses

  • CWE-285: CWE-285 Improper Authorization

ADP Enrichment

CVE Program Container

Additional References

References