CVE-2025-21076

3 documents3 sources
Severity
5.5MEDIUM
EPSS
0.0%
top 98.01%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Samsung Account
Timeline
PublishedNov 5

Description

Improper handling of insufficient permissions or privileges in Samsung Account prior to version 15.5.00.18 allows local attackers to access data in Samsung Account. User interaction is required for triggering this vulnerability.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages1 packages

NVDsamsung/account< 15.5.00.18

🔴Vulnerability Details

2
GHSA
GHSA-vm9p-cjxm-7x59: Improper handling of insufficient permissions or privileges in Samsung Account prior to version 152025-11-05
CVEList
CVE-2025-21076: Improper handling of insufficient permissions or privileges in Samsung Account prior to version 152025-11-05
CVE-2025-21076 (MEDIUM CVSS 5.5) | Improper handling of insufficient p | cvebase.io