9 matches found
CVE-2021-25519
CVE-2021-25519 affects Samsung CPLC (Chip/Platform Level Controller) prior to SMR Dec-2021 Release 1. The issue is due to improper access control that allows local attackers to access CPLC information without permission. Affected components include CPLC’s local access path; impact is information ...
CVE-2021-25518
CVE-2021-25518 affects Samsung LDFW and BL31. The issue is an improper boundary check in the secure_log before SMR Dec-2021 Release 1, enabling arbitrary memory write and code execution. Reported impact includes local access with partial confidentiality/integrity/availability implications as per ...
CVE-2021-25517
CVE-2021-25517 affects Samsung LDFW firmware prior to SMR Dec-2021 Release 1. The vulnerability arises from improper input validation in LDFW, enabling arbitrary code execution on affected devices. Documented impact includes remote/local (depending on context) execution with high severity (CVSS v...
CVE-2021-25516
An improper check or handling of exceptional conditions in Exynos baseband prior to SMR Dec-2021 Release 1 allows attackers to track locations...
CVE-2021-25515
Samsung SemRewardManager on Android is affected by CVE-2021-25515 due to improper usage of implicit intents, enabling an attacker with local access to read the device’s BSSID. The root cause is an implicit-intent misuse in SemRewardManager prior to SMR Dec-2021 Release 1, leading to information d...
CVE-2021-25514
An improper intent redirection handling in Tags prior to SMR Dec-2021 Release 1 allows attackers to access sensitive information...
CVE-2021-25513
CVE-2021-25513 affects the Apps Edge application prior to Samsung SMR Dec-2021 Release 1. The root cause is improper privilege management, enabling unauthorized access to certain lockscreen data. Impact is limited to exposure of device data on the lockscreen; CVSS scores (NVD 2.4/3.1, Low) reflec...
CVE-2021-25511
The CVE-2021-25511 issue affects Samsung FilterProvider prior to SMR Dec-2021 Release 1 and is described as an improper validation/path traversal vulnerability that enables an attacker to write arbitrary files. Documents consistently tie this to a path traversal flaw and do not provide exploit co...
CVE-2021-25511
An improper validation vulnerability in FilterProvider prior to SMR Dec-2021 Release 1 allows attackers to write arbitrary files via a path traversal vulnerability...