CVE-2021-25482

Summary

SQL injection vulnerabilities in CMFA framework prior to SMR Oct-2021 Release 1 allow untrusted application to overwrite some CMFA framework information.

Affected Software

VendorProductVersion RangeStatus
Samsung MobileSamsung Mobile DevicesR(11.0) < SMR Oct-2021 Release 1affected

Weaknesses

  • CWE-264: CWE-264 Permissions, Privileges, and Access Controls

ADP Enrichment

CVE Program Container

Additional References

References