Improper Scheme Check in Samsung Internet Browser
CVE-2021-25466

6.5MEDIUM

Key Information:

Vendor: Samsung
Status: Samsung Internet
Vendor: CVE Published:; 9 September 2021

What is CVE-2021-25466?

An improper scheme check vulnerability in Samsung Internet prior to version 15.0.2.47 enables attackers to execute a man-in-the-middle attack. This security flaw allows unauthorized access to sensitive information, such as the Samsung Account token, potentially compromising user accounts and data integrity.

Affected Version(s)

Samsung Internet - < 15.0.2.47

References

https://security.samsungmobile.com/serviceWeb.smsb?year=2...

x_refsource_MISC

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 9, 2021
Vulnerability Reserved
Jan 19, 2021