Improper Access Control in SmartManagerCN by Samsung
CVE-2025-20953

4.4MEDIUM

Key Information:

Vendor: Samsung
Status: Samsung Devices
Vendor: CVE Published:; 7 May 2025

What is CVE-2025-20953?

The SmartManagerCN application developed by Samsung contains an improper access control vulnerability that allows local attackers to execute unauthorized activities before the SMR May-2025 Release 1. This flaw poses significant security risks, enabling malicious users to manipulate or access sensitive data within the application. Users are advised to update to the latest version following the release to mitigate these risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Samsung Mobile Devices SMR May-2025 Release in Android 13, 14, 15

References

https://security.samsungmobile.com/securityUpdate.smsb?ye...

CVSS V3.1

Score:

4.4

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 7, 2025
Vulnerability Reserved
Nov 6, 2024

JSON

Samsung