Samsung Mobile Devices vulnerabilities

375 known vulnerabilities affecting samsung_mobile/samsung_mobile_devices.

Total CVEs: 375
CISA KEV: 11 (actively exploited)
Public exploits: 0
Exploited in wild: 11
Severity breakdown: CRITICAL 37, HIGH 101, MEDIUM 142, LOW 95

Vulnerabilities

Page 17 of 19
CVE-2021-25427 | MEDIUM | CVSS 6.5 | CWE-89 | 2021-07-08
Affected: ≥ O(8.1), P(9.0), Q(10.0), R(11.0), < SMR July-2021 Release 1
SQL injection vulnerability in Bluetooth prior to SMR July-2021 Release 1 allows unauthorized access to paired device information.
Sources: cvelistv5, nvd
CVE-2021-25430 | MEDIUM | CVSS 4.3 | CWE-287 | 2021-07-08
Affected: ≥ P(9.0), Q(10.0), R(11.0), < SMR July-2021 Release 1
Improper access control vulnerability in Bluetooth application prior to SMR July-2021 Release 1 allows untrusted application to access the Bluetooth information in Bluetooth application.
Sources: cvelistv5, nvd
CVE-2021-25429 | MEDIUM | CVSS 4.3 | CWE-269 | 2021-07-08
Affected: ≥ O(8.1), P(9.0), Q(10.0), R(11.0), < SMR July-2021 Release 1
Improper privilege management vulnerability in Bluetooth application prior to SMR July-2021 Release 1 allows untrusted application to access the Bluetooth information in Bluetooth application.
Sources: cvelistv5, nvd
CVE-2021-25386 | CRITICAL | CVSS 9.8 | CWE-121 | 2021-06-11
Affected: ≥ O(8.1), P(9.x), Q(10.0), R(11.0), < SMR MAY-2021 Release 1
An improper input validation vulnerability in sdfffd_parse_chunk_FVER() in libsdffextractor library prior to SMR MAY-2021 Release 1 allows attackers to execute arbitrary code on mediaextractor process.
Sources: cvelistv5, nvd
CVE-2021-25387 | CRITICAL | CVSS 10.0 | CWE-122 | 2021-06-11
Affected: ≥ O(8.1), P(9.x), Q(10.0), R(11.0), < SMR MAY-2021 Release 1
An improper input validation vulnerability in sflacfd_get_frm() in libsflacextractor library prior to SMR MAY-2021 Release 1 allows attackers to execute arbitrary code on mediaextractor process.
Sources: cvelistv5, nvd
CVE-2021-25385 | CRITICAL | CVSS 9.8 | CWE-121 | 2021-06-11
Affected: ≥ O(8.1), P(9.x), Q(10.0), R(11.0), < SMR MAY-2021 Release 1
An improper input validation vulnerability in sdfffd_parse_chunk_PROP() in libsdffextractor library prior to SMR MAY-2021 Release 1 allows attackers to execute arbitrary code on mediaextractor process.
Sources: cvelistv5, nvd
CVE-2021-25383 | CRITICAL | CVSS 9.8 | CWE-122 | 2021-06-11
Affected: ≥ O(8.1), P(9.x), Q(10.0), R(11.0), < SMR MAY-2021 Release 1
An improper input validation vulnerability in scmn_mfal_read() in libsapeextractor library prior to SMR MAY-2021 Release 1 allows attackers to execute arbitrary code on mediaextractor process.
Sources: cvelistv5, nvd
CVE-2021-25384 | CRITICAL | CVSS 9.8 | CWE-122 | 2021-06-11
Affected: ≥ O(8.1), P(9.x), Q(10.0), R(11.0), < SMR MAY-2021 Release 1
An improper input validation vulnerability in sdfffd_parse_chunk_PROP() with Sample Rate Chunk in libsdffextractor library prior to SMR MAY-2021 Release 1 allows attackers to execute arbitrary code on mediaextractor process.
Sources: cvelistv5, nvd
CVE-2021-25407 | HIGH | CVSS 7.8 | CWE-787 | 2021-06-11
Affected: ≥ P(9.0), Q(10.0), R(11.0) devices with Exynos9820, 9830, 980, 2100 chipsets, < SMR JUN-2021 Release 1
A possible out of bounds write vulnerability in NPU driver prior to SMR JUN-2021 Release 1 allows arbitrary memory write.
Sources: cvelistv5, nvd
CVE-2021-25388 | HIGH | CVSS 7.1 | CWE-926 | 2021-06-11
Affected: ≥ R(11.0), < SMR MAY-2021 Release 1
Improper caller check vulnerability in Knox Core prior to SMR MAY-2021 Release 1 allows attackers to install arbitrary app.
Sources: cvelistv5, nvd
CVE-2021-25417 | HIGH | CVSS 7.5 | CWE-285 | 2021-06-11
Affected: ≥ P(9.0), Q(10.0), < SMA JUN-2021 Release 1
Improper authorization in SDP SDK prior to SMR JUN-2021 Release 1 allows access to internal storage.
Sources: cvelistv5, nvd
CVE-2021-25410 | HIGH | CVSS 7.1 | CWE-20 | 2021-06-11
Affected: ≥ R(11.0), < SMR JUN-2021 Release 1
Improper access control of a component in CallBGProvider prior to SMR JUN-2021 Release 1 allows local attackers to access arbitrary files with an escalated privilege.
Sources: cvelistv5, nvd
CVE-2021-25414 | HIGH | CVSS 7.8 | CWE-20 | 2021-06-11
Affected: ≥ P(9.0), Q(10.0), R(11.0), < SMA JUN-2021 Release 1
Improper sanitization of incoming intent in Samsung Contacts prior to SMR JUN-2021 Release 1 allows local attackers to copy or overwrite arbitrary files with Samsung Contacts privilege.
Sources: cvelistv5, nvd
CVE-2021-25408 | HIGH | CVSS 7.8 | CWE-787 | 2021-06-11
Affected: ≥ P(9.0), Q(10.0), R(11.0) devices with Exynos9820, 9830, 980, 2100 chipsets, < SMR JUN-2021 Release 1
A possible buffer overflow vulnerability in NPU driver prior to SMR JUN-2021 Release 1 allows arbitrary memory write and code execution.
Sources: cvelistv5, nvd
CVE-2021-25412 | HIGH | CVSS 7.8 | CWE-284 | 2021-06-11
Affected: ≥ Q(10.0), < SMA JUN-2021 Release 1
An improper access control vulnerability in genericssoservice prior to SMR JUN-2021 Release 1 allows local attackers to execute protected activity with system privilege via untrusted applications.
Sources: cvelistv5, nvd
CVE-2021-25390 | MEDIUM | CVSS 4.0 | CWE-926 | 2021-06-11
Affected: ≥ O(8.1), P(9.x), Q(10.0), R(11.0), < SMR MAY-2021 Release 1
Intent redirection vulnerability in PhotoTable prior to SMR MAY-2021 Release 1 allows attackers to execute privileged action.
Sources: cvelistv5, nvd
CVE-2021-25391 | MEDIUM | CVSS 4.0 | CWE-926 | 2021-06-11
Affected: ≥ R(11.0), < SMR MAY-2021 Release 1
Intent redirection vulnerability in Secure Folder prior to SMR MAY-2021 Release 1 allows attackers to execute privileged action.
Sources: cvelistv5, nvd
CVE-2021-25415 | MEDIUM | CVSS 5.5 | CWE-94 | 2021-06-11
Affected: ≥ Q(10.0), R(11.0) devices with Exynos9610, 9810, 9820, 9830, < SMA JUN-2021 Release 1
Assuming EL1 is compromised, an improper address validation in RKP prior to SMR JUN-2021 Release 1 allows local attackers to remap EL2 memory as writable.
Sources: cvelistv5, nvd
CVE-2021-25393 | MEDIUM | CVSS 5.5 | CWE-94 | 2021-06-11
Affected: ≥ Q(10.0), R(11.0), < SMR MAY-2021 Release 1
Improper sanitization of incoming intent in SecSettings prior to SMR MAY-2021 Release 1 allows local attackers to get permissions to access system uid data.
Sources: cvelistv5, nvd
CVE-2021-25416 | MEDIUM | CVSS 6.5 | CWE-94 | 2021-06-11
Affected: ≥ Q(10.0), R(11.0) devices with Exynos9610, 9810, 9820, 9830, < SMA JUN-2021 Release 1
Assuming EL1 is compromised, an improper address validation in RKP prior to SMR JUN-2021 Release 1 allows local attackers to create executable kernel page outside code area.
Sources: cvelistv5, nvd