CVE-2021-25379Improper Export of Android Application Components in Mobile Gallery

CWE-926Improper Export of Android Application Components3 documents3 sources
Severity
3.3LOWNVD
CNA4.0
EPSS
0.1%
top 83.22%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Samsung Mobile GallerySamsung Gallery
Timeline
PublishedApr 9
Latest updateMay 24

Description

Intent redirection vulnerability in Gallery prior to version 5.4.16.1 allows attacker to execute privileged action.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 1.8 | Impact: 1.4

Affected Packages2 packages

NVDsamsung/gallery< 5.4.16.1
CVEListV5samsung_mobile/galleryAndroid O(8.x)5.4.16.1

🔴Vulnerability Details

2
GHSA
GHSA-7q99-223h-87f2: Intent redirection vulnerability in Gallery prior to version 52022-05-24
CVEList
CVE-2021-25379: Intent redirection vulnerability in Gallery prior to version 52021-04-09
CVE-2021-25379 — Samsung Mobile Gallery vulnerability | cvebase