Lucene search

Samsung MobileCVELIST:CVE-2021-25389

HistoryJun 11, 2021 - 2:45 p.m.

CVE-2021-25389

2021-06-1114:45:21

CWE-287

Samsung Mobile

www.cve.org

2.3 Low

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N

0.0005 Low

EPSS

Percentile

17.3%

JSON

Improper running task check in S Secure prior to SMR MAY-2021 Release 1 allows attackers to use locked app without authentication.

CNA Affected

[
  {
    "product": "Samsung Mobile Devices ",
    "vendor": "Samsung Mobile",
    "versions": [
      {
        "lessThan": "SMR MAY-2021 Release 1",
        "status": "affected",
        "version": "P(9.0)",
        "versionType": "custom"
      }
    ]
  }
]

References

security.samsungmobile.com/securityUpdate.smsb?year=2021&month=5

2.3 Low

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N

0.0005 Low

EPSS

Percentile

17.3%

JSON

Related for CVELIST:CVE-2021-25389