CVE-2021-25437

The CVE-2021-25437 issue affects Samsung Tizen’s FOTA service (prior to the firmware update JUL-2021 release). The root cause is an improper access control allowing an attacker to replace the FOTA update file, enabling arbitrary code execution. The vulnerability is described as exploitable over n...

CVE-2021-25433

The CVE-2021-25433 entry describes an improper authorization vulnerability in the Tizen factory reset policy prior to the Firmware update JUL-2021 Release. The flaw allows untrusted applications to trigger a factory reset via a dbus signal, indicating a local‑level attack path with low attack com...

CVE-2021-25435

CVE-2021-25435 concerns the Tizen bootloader and involves an improper input validation vulnerability that enables arbitrary code execution via the recovery partition when in wireless firmware download mode, prior to the JUL-2021 firmware update release. Affected: Tizen bootloader components; cont...

CVE-2021-25434

CVE-2021-25434 is described as an improper input validation vulnerability in the Tizen bootloader, enabling arbitrary code execution via the param partition during the wireless firmware download mode, affecting the bootloader prior to the JUL-2021 firmware update release. The issue stems from inp...

CVE-2021-25436

The CVE-2021-25436 issue affects the Tizen FOTA service (before the JUL-2021 Firmware update release). Root cause: improper input validation, enabling arbitrary code execution via the Samsung Accessory Protocol. Public references identify the component and vulnerability class but do not provide c...