Improper Privilege Management in SamsungAccount Affects Samsung Products
CVE-2025-21010

6MEDIUM

Key Information:

Vendor

Samsung
Status
Samsung Devices
Vendor
CVE Published:
6 August 2025

What is CVE-2025-21010?

An improper privilege management vulnerability exists in SamsungAccount, allowing local privileged attackers to deactivate a user's Samsung account. This can lead to unauthorized access to personal data and services associated with the account, compromising user security. Organizations are advised to update to the latest version as per security updates from Samsung to mitigate this risk.

Affected Version(s)

Samsung Mobile Devices SMR Aug-2025 Release in Android 13, 14, 15, 16

References

https://security.samsungmobile.com/securityUpdate.smsb?ye...

CVSS V3.1

Score:
6
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.