CVE-2026-21033

Summary

Improper export of android application components in ExpressHomeWidgetReceiver of Samsung Assistant prior to version 9.3.14 allows local attacker to execute arbitrary script.

Affected Software

VendorProductVersion RangeStatus
Samsung MobileSamsung Assistant9.3.14 < *unaffected

Weaknesses

  • CWE-926: Improper Export of Android Application Components

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References