cbcvebase.
CVE-2025-53079
published 2025-07-29

CVE-2025-53079: Absolute Path Traversal in Samsung DMS(Data Management Server) allows authenticated attacker (Administrator) to read sensitive files

PriorityP428medium4.9CVSS 3.1
AVNACLPRHUINSUCHINAN
EPSS
0.46%
36.3th percentile
Absolute Path Traversal in Samsung DMS(Data Management Server) allows authenticated attacker (Administrator) to read sensitive files

Affected

11 ranges
VendorProductVersion rangeFixed in
msrcazl3_kernel_6.6.57.1-7_on_azure_linux_3.0
msrcazl3_kernel_6.6.64.2-1_on_azure_linux_3.0
msrccbl2_kernel_5.15.186.1-1_on_cbl_mariner_2.0
msrccbl2_kernel_5.15.200.1-1_on_cbl_mariner_2.0
msrccbl2_kernel_5.15.202.1-1_on_cbl_mariner_2.0
samsungdata_management_server_firmware>= 2.0.0 < 2.3.13.12.3.13.1
samsungdata_management_server_firmware>= 2.5.0.17 < 2.6.14.12.6.14.1
samsungdata_management_server_firmware>= 2.7.0.15 < 2.9.3.62.9.3.6
samsung_electronicsdata_management_server>= 2.0.0 < 2.3.13.12.3.13.1
samsung_electronicsdata_management_server>= 2.5.0.17 < 2.6.14.12.6.14.1
samsung_electronicsdata_management_server>= 2.7.0.15 < 2.9.3.62.9.3.6

CVSS provenance

nvdv3.14.9MEDIUMCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
vendor_msrc5.5MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.