CVE-2025-21037 — Samsung Notes vulnerability

3 documents3 sources

Severity

4.3MEDIUMNVD

CNA4.1

EPSS

0.0%

top 95.87%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Samsung Notes

Timeline

PublishedSep 3

Latest updateSep 9

Description

Improper access control in Samsung Notes prior to version 4.4.30.63 allows physical attackers to access data across multiple user profiles. User interaction is required for triggering this vulnerability.

CVSS vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:NExploitability: 0.7 | Impact: 3.6

Affected Packages1 packages

▶NVDsamsung/notes< 4.4.30.63

🔴Vulnerability Details

GHSA

GHSA-vvw2-3vqm-qqmc: Improper access control in Samsung Notes prior to version 4↗2025-09-09

▶

CVEList

CVE-2025-21037: Improper access control in Samsung Notes prior to version 4↗2025-09-03

▶