CVE-2025-21019

Summary

Improper authorization in Samsung Health prior to version 6.30.1.003 allows local attackers to access data in Samsung Health. User interaction is required for triggering this vulnerability.

Affected Software

VendorProductVersion RangeStatus
Samsung MobileSamsung Health6.30.1.003unaffected

Weaknesses

  • CWE-285: Improper Authorization

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References