CVE-2025-20973

Summary

Improper authentication in Secure Folder prior to version 1.8.12.0 in Android 13, and 1.9.21.00 in Android 14 allows physical attackers to reset the lock type of Secure Folder.

Affected Software

VendorProductVersion RangeStatus
Samsung MobileSecure Folder1.8.12.0 in Android 13, and 1.9.21.00 in Android 14unaffected

Weaknesses

  • CWE-287 Improper Authentication

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References