CVE-2025-53079

CWE-364 documents4 sources
Severity
4.9MEDIUM
EPSS
0.1%
top 71.27%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Samsung Electronics Data Management ServerSamsung Data Management Server Firmware
Timeline
PublishedJul 29

Description

Absolute Path Traversal in Samsung DMS(Data Management Server) allows authenticated attacker (Administrator) to read sensitive files

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:NExploitability: 1.2 | Impact: 3.6

Affected Packages2 packages

CVEListV5samsung_electronics/data_management_server2.0.02.3.13.1+2
NVDsamsung/data_management2.0.02.3.13.1+2

🔴Vulnerability Details

2
CVEList
CVE-2025-53079: Absolute Path Traversal in Samsung DMS(Data Management Server) allows authenticated attacker (Administrator) to read sensitive files2025-07-29
GHSA
GHSA-4j95-fgxh-q5gx: Absolute Path Traversal in Samsung DMS(Data Management Server) allows authenticated attacker (Administrator) to read sensitive files2025-07-29

📋Vendor Advisories

1
Microsoft
mm/thp: fix deferred split unqueue naming and locking2024-11-12
CVE-2025-53079 (MEDIUM CVSS 4.9) | Absolute Path Traversal in Samsung | cvebase.io