CVE-2025-53082

Summary

An 'Arbitrary File Deletion' in Samsung DMS(Data Management Server) allows attackers to delete arbitrary files from unintended locations on the filesystem. Exploitation is restricted to specific, authorized private IP addresses.

Affected Software

VendorProductVersion RangeStatus
Samsung ElectronicsData Management Server2.0.0 < 2.3.13.1affected
Samsung ElectronicsData Management Server2.5.0.17 < 2.6.14.1affected
Samsung ElectronicsData Management Server2.7.0.15 < 2.9.3.6affected

Weaknesses

  • CWE-23: CWE-23 Relative Path Traversal

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References