Out-of-Bounds Write Vulnerability in Samsung Notes for Android Devices
CVE-2025-20931

7.3HIGH

Key Information:

Vendor: Samsung
Status: Samsung Notes
Vendor: CVE Published:; 6 March 2025

What is CVE-2025-20931?

An out-of-bounds write vulnerability exists in the parsing of BMP images in Samsung Notes prior to version 4.4.26.71. This flaw can be exploited by local attackers, potentially allowing them to execute arbitrary code on affected devices. Users are advised to update their Samsung Notes application to the latest version to mitigate this security risk.

Affected Version(s)

Samsung Notes 4.4.26.71

References

https://security.samsungmobile.com/serviceWeb.smsb?year=2...

CVSS V3.1

Score:

7.3

Severity:

HIGH

Confidentiality:

Low

Integrity:

High

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 6, 2025
Vulnerability Reserved
Nov 6, 2024