Samsung Internet vulnerabilities

CVE-2021-25466 [MEDIUM] CWE-287 CVE-2021-25466: Improper scheme check vulnerability in Samsung Internet prior to version 15.0.2.47 allows attackers Improper scheme check vulnerability in Samsung Internet prior to version 15.0.2.47 allows attackers to perform Man-in-the-middle attack and obtain Samsung Account token.

CVE-2021-25445 [MEDIUM] CWE-287 CVE-2021-25445: Unprotected component vulnerability in Samsung Internet prior to version 14.2 allows untrusted appli Unprotected component vulnerability in Samsung Internet prior to version 14.2 allows untrusted application to access internal files in Samsung Internet.

CVE-2021-25418 [HIGH] CWE-269 CVE-2021-25418: Improper component protection vulnerability in Samsung Internet prior to version 14.0.1.62 allows un Improper component protection vulnerability in Samsung Internet prior to version 14.0.1.62 allows untrusted applications to execute arbitrary activity in specific condition.

CVE-2021-25400 [HIGH] CWE-926 CVE-2021-25400: Intent redirection vulnerability in Samsung Internet prior to version 14.0.1.20 allows attacker to e Intent redirection vulnerability in Samsung Internet prior to version 14.0.1.20 allows attacker to execute privileged action.

CVE-2021-25419 [MEDIUM] CWE-703 CVE-2021-25419: Non-compliance of recommended secure coding scheme in Samsung Internet prior to version 14.0.1.62 al Non-compliance of recommended secure coding scheme in Samsung Internet prior to version 14.0.1.62 allows attackers to display fake URL in address bar via phising URL link.

CVE-2021-25354 [MEDIUM] CWE-285 CVE-2021-25354: Improper input check in Samsung Internet prior to version 13.2.1.46 allows attackers to launch non-e Improper input check in Samsung Internet prior to version 13.2.1.46 allows attackers to launch non-exported activity in Samsung Browser via malicious deeplink.

CVE-2021-25366 [LOW] CWE-703 CVE-2021-25366: Improper access control in Samsung Internet prior to version 13.2.1.70 allows physically proximate a Improper access control in Samsung Internet prior to version 13.2.1.70 allows physically proximate attackers to bypass the secret mode's authentication.

CVE-2021-25348 [LOW] CWE-703 CVE-2021-25348: Improper permission grant check in Samsung Internet prior to version 13.0.1.60 allows access to file Improper permission grant check in Samsung Internet prior to version 13.0.1.60 allows access to files in internal storage without authorized STORAGE permission.