Path Traversal Vulnerability in Samsung Members by Samsung
CVE-2025-20949
9.1CRITICAL
What is CVE-2025-20949?
A path traversal vulnerability exists in Samsung Members prior to version 5.0.00.11, allowing attackers to exploit the file access controls. This flaw enables unauthorized users to read and write arbitrary files with privileges associated with the Samsung Members application, which may lead to sensitive information disclosure or manipulation on affected devices.
Affected Version(s)
Samsung Members 5.0.00.11
References
CVSS V3.1
Score:
9.1
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved