Information Exposure Vulnerability in Samsung Account
CVE-2021-25350

2LOW

Key Information:

Vendor

Samsung
Status
Samsung Account
Vendor
CVE Published:
25 March 2021

What is CVE-2021-25350?

An information exposure vulnerability exists in Samsung Account prior to version 12.1.1.3, allowing physically proximate attackers to gain unauthorized access to sensitive user information through log files. This flaw raises significant security concerns as it may lead to data leakage and potential exploitation of user credentials.

Affected Version(s)

Samsung Account Android Q(10.0) < 12.1.1.3

References

https://security.samsungmobile.com/
x_refsource_MISC
https://security.samsungmobile.com/serviceWeb.smsb
x_refsource_CONFIRM

CVSS V3.1

Score:
2
Severity:
LOW
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.