Improper Access Control in Samsung Fingerprint Trustlet
CVE-2025-20987
5.2MEDIUM
What is CVE-2025-20987?
An improper access control vulnerability exists in the fingerprint trustlet of Samsung devices, allowing local privileged attackers to exploit the flaw and obtain an authentication token. This can potentially allow unauthorized access to sensitive data and compromise the device's security. Keeping devices updated with the latest security releases is crucial to mitigate risks associated with such vulnerabilities.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
Samsung Mobile Devices SMR Jun-2025 Release in Android 13, 14, 15
References
CVSS V3.1
Score:
5.2
Severity:
MEDIUM
Confidentiality:
High
Integrity:
Low
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved