Insufficient Permission Flaw in ClipboardService Affects Samsung Devices
CVE-2025-20935
5.5MEDIUM
Summary
An improper handling vulnerability exists in ClipboardService that allows local attackers to access files with elevated privileges. This flaw requires user interaction to be exploited, making it essential for users to maintain vigilance and ensure their devices are updated to mitigate potential unauthorized access.
Affected Version(s)
Samsung Mobile Devices SMR Apr-2025 Release in Android 13, 14, 15
References
CVSS V3.1
Score:
5.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved