CVE-2021-25366

3.2LOW

Key Information:

Vendor: Samsung
Status: Samsung Internet
Vendor: CVE Published:; 25 March 2021

Summary

Improper access control in Samsung Internet prior to version 13.2.1.70 allows physically proximate attackers to bypass the secret mode's authentication.

Affected Version(s)

Samsung Internet < 13.2.1.70

References

https://security.samsungmobile.com/

x_refsource_MISC

https://security.samsungmobile.com/serviceWeb.smsb

x_refsource_CONFIRM

CVSS V3.1

Score:

3.2

Severity:

LOW

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Physical

Attack Complexity:

High

Privileges Required:

High

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Mar 25, 2021
Vulnerability Reserved
Jan 19, 2021