Information Exposure Vulnerability in Samsung Account
CVE-2021-25350

2LOW

Key Information:

Vendor: Samsung
Status: Samsung Account
Vendor: CVE Published:; 25 March 2021

Summary

An information exposure vulnerability exists in Samsung Account prior to version 12.1.1.3, allowing physically proximate attackers to gain unauthorized access to sensitive user information through log files. This flaw raises significant security concerns as it may lead to data leakage and potential exploitation of user credentials.

Affected Version(s)

Samsung Account Android Q(10.0) < 12.1.1.3

References

https://security.samsungmobile.com/

x_refsource_MISC

https://security.samsungmobile.com/serviceWeb.smsb

x_refsource_CONFIRM

CVSS V3.1

Score:

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Mar 25, 2021
Vulnerability Reserved
Jan 19, 2021