CVE-2025-21036

Summary

Improper access control in Samsung Notes prior to version 4.4.30.63 allows local privileged attackers to access exported note files. User interaction is required for triggering this vulnerability.

Affected Software

VendorProductVersion RangeStatus
Samsung MobileSamsung Notes4.4.30.63unaffected

Weaknesses

  • CWE-927: Use of Implicit Intent for Sensitive Communication

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References