CVE-2025-20926

Summary

Improper export of Android application components in My Files prior to version 15.0.07.5 in Android 14 allows local attackers to access files with My Files' privilege.

Affected Software

VendorProductVersion RangeStatus
Samsung MobileSamsung My Files15.0.07.5unaffected

Weaknesses

  • CWE-926 : Improper Export of Android Application Components

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References