Samsung Account vulnerabilities

27 known vulnerabilities affecting samsung/account.

Total CVEs
27
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH4MEDIUM19LOW4

Vulnerabilities

Page 1 of 2
CVE-2025-58486MEDIUMCVSS 5.5fixed in 15.5.01.12025-12-02
CVE-2025-58486 [MEDIUM] CVE-2025-58486: Improper input validation in Samsung Account prior to version 15.5.01.1 allows local attacker to exe Improper input validation in Samsung Account prior to version 15.5.01.1 allows local attacker to execute arbitrary script.
nvd
CVE-2025-58487LOWCVSS 3.3fixed in 15.5.01.12025-12-02
CVE-2025-58487 [MEDIUM] CVE-2025-58487: Improper authorization in Samsung Account prior to version 15.5.01.1 allows local attacker to launch Improper authorization in Samsung Account prior to version 15.5.01.1 allows local attacker to launch arbitrary activity with Samsung Account privilege.
nvd
CVE-2025-21076MEDIUMCVSS 5.5fixed in 15.5.00.182025-11-05
CVE-2025-21076 [MEDIUM] CVE-2025-21076: Improper handling of insufficient permissions or privileges in Samsung Account prior to version 15.5 Improper handling of insufficient permissions or privileges in Samsung Account prior to version 15.5.00.18 allows local attackers to access data in Samsung Account. User interaction is required for triggering this vulnerability.
nvd
CVE-2023-21481HIGHCVSS 7.5fixed in 14.1.0.02025-09-03
CVE-2023-21481 [MEDIUM] CVE-2023-21481: Improper URL input validation vulnerability in Samsung Account application prior to version 14.1.0.0 Improper URL input validation vulnerability in Samsung Account application prior to version 14.1.0.0 allows remote attackers to get sensitive information.
nvd
CVE-2024-20841MEDIUMCVSS 5.5fixed in 14.8.00.32024-03-05
CVE-2024-20841 [MEDIUM] CWE-276 CVE-2024-20841: Improper Handling of Insufficient Privileges in Samsung Account prior to version 14.8.00.3 allows lo Improper Handling of Insufficient Privileges in Samsung Account prior to version 14.8.00.3 allows local attackers to access data.
nvd
CVE-2023-42547MEDIUMCVSS 6.5fixed in 14.5.00.72023-11-07
CVE-2023-42547 [MEDIUM] CWE-668 CVE-2023-42547: Use of implicit intent for sensitive communication vulnerability in startEmailValidationActivity in Use of implicit intent for sensitive communication vulnerability in startEmailValidationActivity in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Account privilege.
nvd
CVE-2023-42548MEDIUMCVSS 6.5fixed in 14.5.00.72023-11-07
CVE-2023-42548 [MEDIUM] CVE-2023-42548: Use of implicit intent for sensitive communication vulnerability in startMandatoryCheckActivity in S Use of implicit intent for sensitive communication vulnerability in startMandatoryCheckActivity in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Account privilege.
nvd
CVE-2023-42551MEDIUMCVSS 6.5fixed in 14.5.00.72023-11-07
CVE-2023-42551 [MEDIUM] CWE-668 CVE-2023-42551: Use of implicit intent for sensitive communication vulnerability in startTncActivity in Samsung Acco Use of implicit intent for sensitive communication vulnerability in startTncActivity in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Account privilege.
nvd
CVE-2023-42546MEDIUMCVSS 6.5fixed in 14.5.00.72023-11-07
CVE-2023-42546 [MEDIUM] CWE-668 CVE-2023-42546: Use of implicit intent for sensitive communication vulnerability in startAgreeToDisclaimerActivity i Use of implicit intent for sensitive communication vulnerability in startAgreeToDisclaimerActivity in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Account privilege.
nvd
CVE-2023-42550MEDIUMCVSS 6.5fixed in 14.5.00.72023-11-07
CVE-2023-42550 [MEDIUM] CVE-2023-42550: Use of implicit intent for sensitive communication vulnerability in startSignIn in Samsung Account p Use of implicit intent for sensitive communication vulnerability in startSignIn in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Account privilege.
nvd
CVE-2023-42540MEDIUMCVSS 5.5fixed in 14.5.01.12023-11-07
CVE-2023-42540 [MEDIUM] CWE-284 CVE-2023-42540: Improper access control vulnerability in Samsung Account prior to version 14.5.01.1 allows attackers Improper access control vulnerability in Samsung Account prior to version 14.5.01.1 allows attackers to access sensitive information via implicit intent.
nvd
CVE-2023-42549MEDIUMCVSS 6.5fixed in 14.5.00.72023-11-07
CVE-2023-42549 [MEDIUM] CWE-668 CVE-2023-42549: Use of implicit intent for sensitive communication vulnerability in startNameValidationActivity in S Use of implicit intent for sensitive communication vulnerability in startNameValidationActivity in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Account privilege.
nvd
CVE-2022-39874MEDIUMCVSS 5.5fixed in 13.5.01.32022-10-07
CVE-2022-39874 [MEDIUM] CWE-779 CVE-2022-39874: Sensitive log information leakage vulnerability in Samsung Account prior to version 13.5.0 allows at Sensitive log information leakage vulnerability in Samsung Account prior to version 13.5.0 allows attackers to unauthorized logout.
nvd
CVE-2022-39863MEDIUMCVSS 4.7fixed in 13.5.01.32022-10-07
CVE-2022-39863 [LOW] CWE-20 CVE-2022-39863: Intent redirection vulnerability in Samsung Account prior to version 13.5.01.3 allows attackers to a Intent redirection vulnerability in Samsung Account prior to version 13.5.01.3 allows attackers to access content providers without permission.
nvd
CVE-2022-39875MEDIUMCVSS 4.4fixed in 13.5.01.32022-10-07
CVE-2022-39875 [MEDIUM] CWE-284 CVE-2022-39875: Improper component protection vulnerability in Samsung Account prior to version 13.5.0 allows attack Improper component protection vulnerability in Samsung Account prior to version 13.5.0 allows attackers to unauthorized logout.
nvd
CVE-2022-30735HIGHCVSS 7.5fixed in 13.2.00.62022-06-07
CVE-2022-30735 [MEDIUM] CWE-200 CVE-2022-30735: Improper privilege management vulnerability in Samsung Account prior to 13.2.00.6 allows attackers t Improper privilege management vulnerability in Samsung Account prior to 13.2.00.6 allows attackers to get the access_token without permission.
nvd
CVE-2022-30732HIGHCVSS 7.5fixed in 13.2.00.62022-06-07
CVE-2022-30732 [MEDIUM] CWE-200 CVE-2022-30732: Exposure of Sensitive Information vulnerability in Samsung Account prior to version 13.2.00.6 allows Exposure of Sensitive Information vulnerability in Samsung Account prior to version 13.2.00.6 allows attacker to access sensitive information via onActivityResult.
nvd
CVE-2022-30737MEDIUMCVSS 5.3fixed in 13.2.00.62022-06-07
CVE-2022-30737 [MEDIUM] CWE-200 CVE-2022-30737: Implicit Intent hijacking vulnerability in Samsung Account prior to version 13.2.00.6 allows attacke Implicit Intent hijacking vulnerability in Samsung Account prior to version 13.2.00.6 allows attackers to get email ID.
nvd
CVE-2022-30733MEDIUMCVSS 5.3fixed in 13.2.00.62022-06-07
CVE-2022-30733 [MEDIUM] CWE-200 CVE-2022-30733: Sensitive information exposure in Sign-in log in Samsung Account prior to version 13.2.00.6 allows a Sensitive information exposure in Sign-in log in Samsung Account prior to version 13.2.00.6 allows attackers to get an user email or phone number without permission.
nvd
CVE-2022-30736MEDIUMCVSS 5.3fixed in 13.2.00.62022-06-07
CVE-2022-30736 [MEDIUM] CWE-200 CVE-2022-30736: Improper privilege management vulnerability in Samsung Account prior to 13.2.00.6 allows attackers t Improper privilege management vulnerability in Samsung Account prior to 13.2.00.6 allows attackers to get the data of contact and gallery without permission.
nvd
1 / 2Next →