CVE-2025-20971

Summary

Improper input validation in Samsung Flow prior to version 4.9.17.6 allows local attackers to access data within Samsung Flow.

Affected Software

VendorProductVersion RangeStatus
Samsung MobileSamsung Flow4.9.17.6unaffected

Weaknesses

  • CWE-20: Improper Input Validation

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References