CVE-2025-20951

3 documents3 sources
Severity
5.5MEDIUM
EPSS
0.1%
top 76.89%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Samsung Galaxy Store
Timeline
PublishedApr 8

Description

Improper verification of intent by broadcast receiver vulnerability in Galaxy Store prior to version 4.5.90.7 allows local attackers to write arbitrary files with the privilege of Galaxy Store.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:LExploitability: 2.5 | Impact: 2.5

Affected Packages1 packages

NVDsamsung/galaxy_store< 4.5.90.7

🔴Vulnerability Details

2
CVEList
CVE-2025-20951: Improper verification of intent by broadcast receiver vulnerability in Galaxy Store prior to version 42025-04-08
GHSA
GHSA-w5jv-4chj-9gqx: Improper verification of intent by broadcast receiver vulnerability in Galaxy Store prior to version 42025-04-08
CVE-2025-20951 (MEDIUM CVSS 5.5) | Improper verification of intent by | cvebase.io