Improper Access Control in Cameralyzer by Samsung
CVE-2021-25431

5.5MEDIUM

Key Information:

Vendor: Samsung
Status: Cameralyzer
Vendor: CVE Published:; 8 July 2021

What is CVE-2021-25431?

An improper access control vulnerability exists in Samsung's Cameralyzer software that could allow untrusted applications to gain access to certain functions. This issue affects various versions, potentially exposing sensitive functionalities to unauthorized actors. Users are advised to upgrade to the latest versions of the software to mitigate the risk associated with this vulnerability.

Affected Version(s)

Cameralyzer - < 3.2.1041 in 3.2.x, 3.3.1040 in 3.3.x, and 3.4.4210 in 3.4.x

References

https://security.samsungmobile.com/serviceWeb.smsb?year=2...

x_refsource_MISC

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 8, 2021
Vulnerability Reserved
Jan 19, 2021