CVE-2021-25353

Summary

Using empty PendingIntent in Galaxy Themes prior to version 5.2.00.1215 allows local attackers to read/write private file directories of Galaxy Themes application without permission via hijacking the PendingIntent.

Affected Software

VendorProductVersion RangeStatus
Samsung MobileGalaxy Themesunspecified < 5.2.00.1215affected

Weaknesses

  • CWE-285: CWE-285 Improper Authorization

ADP Enrichment

CVE Program Container

Additional References

References