CVE-2025-21076

Summary

Improper handling of insufficient permissions or privileges in Samsung Account prior to version 15.5.00.18 allows local attackers to access data in Samsung Account. User interaction is required for triggering this vulnerability.

Affected Software

VendorProductVersion RangeStatus
Samsung MobileSamsung Account15.5.00.18unaffected

Weaknesses

  • CWE-280: Improper Handling of Insufficient Permissions or Privileges

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References