Lucene search

Samsung MobileCVELIST:CVE-2021-25382

HistoryApr 23, 2021 - 2:50 p.m.

CVE-2021-25382

2021-04-2314:50:27

CWE-285

Samsung Mobile

www.cve.org

6.1 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H

6.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.6%

JSON

An improper authorization of using debugging command in Secure Folder prior to SMR Oct-2020 Release 1 allows unauthorized access to contents in Secure Folder via debugging command.

CNA Affected

[
  {
    "product": "Samsung Mobile Devices",
    "vendor": "Samsung Mobile",
    "versions": [
      {
        "lessThan": "SMR Oct-2020 Release 1",
        "status": "affected",
        "version": "O(8.x), P(9.0), Q(10.0), R(11.0)",
        "versionType": "custom"
      }
    ]
  }
]

References

security.samsungmobile.com/securityUpdate.smsb?year=2020&month=10

6.1 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H

6.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.6%

JSON

Related for CVELIST:CVE-2021-25382