CVE-2021-25445Improper Authentication in Mobile Samsung Internet

CWE-287Improper Authentication3 documents3 sources
Severity
5.3MEDIUMNVD
EPSS
0.2%
top 52.41%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Samsung Mobile Samsung InternetSamsung Internet
Timeline
PublishedAug 5
Latest updateMay 24

Description

Unprotected component vulnerability in Samsung Internet prior to version 14.2 allows untrusted application to access internal files in Samsung Internet.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages2 packages

NVDsamsung/internet< 14.2
CVEListV5samsung_mobile/samsung_internet-14.2

🔴Vulnerability Details

2
GHSA
GHSA-q6qq-rqww-vfp7: Unprotected component vulnerability in Samsung Internet prior to version 142022-05-24
CVEList
CVE-2021-25445: Unprotected component vulnerability in Samsung Internet prior to version 142021-08-05
CVE-2021-25445 — Improper Authentication | cvebase