Path Traversal Vulnerability in Document Scanner by Samsung
CVE-2025-21015

4MEDIUM

Key Information:

Vendor: Samsung
Status: Samsung Devices
Vendor: CVE Published:; 6 August 2025

What is CVE-2025-21015?

A path traversal vulnerability in Samsung's Document Scanner prior to the SMR Aug-2025 Release 1 allows local attackers to manipulate file paths. By exploiting this flaw, harmful actors could delete files with the application's privileges, potentially leading to data loss or disruption in service. It is crucial for users to apply the latest updates to mitigate these risks and enhance overall security.

Affected Version(s)

Samsung Mobile Devices SMR Aug-2025 Release in Android 15, 16

References

https://security.samsungmobile.com/securityUpdate.smsb?ye...

CVSS V3.1

Score:

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 6, 2025
Vulnerability Reserved
Nov 6, 2024