CVE-2025-21078

Summary

Use of insufficiently random value of secretKey in Smart Switch prior to version 3.7.68.6 allows adjacent attackers to access backup data from applications.

Affected Software

VendorProductVersion RangeStatus
Samsung MobileSmart Switch3.7.68.6unaffected

Weaknesses

  • CWE-330 Use of Insufficiently Random Values

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References