Input Validation Flaw in Samsung Members App
CVE-2025-21079

7.1HIGH

Key Information:

Vendor: Samsung
Status: Samsung Members
Vendor: CVE Published:; 5 November 2025

What is CVE-2025-21079?

An improper input validation vulnerability in the Samsung Members application prior to version 5.5.01.3 enables remote attackers to access arbitrary URLs and invoke arbitrary activities leveraging the privileges of the Samsung Members app. This vulnerability requires user interaction to be triggered, posing a risk to device security and user data if exploited.

Affected Version(s)

Samsung Members 5.5.01.3

References

https://security.samsungmobile.com/serviceWeb.smsb?year=2...

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 5, 2025
Vulnerability Reserved
Nov 6, 2024

JSON