Improper Pathname Limitation in Samsung MagicINFO 9 Server
CVE-2025-4632
Key Information:
- Vendor: Samsung Electronics
- Status: Vendor
- CVE Published: 13 May 2025
What is CVE-2025-4632?
CVE-2025-4632 is a significant vulnerability identified in the Samsung MagicINFO 9 Server, a product designed for content management and digital signage. The software manages and distributes multimedia content to display devices. The vulnerability arises from an improper limitation of a pathname to a restricted directory (path traversal), which allows an attacker with sufficient privilege to write arbitrary files into directories that should be inaccessible. An arbitrary file write of this kind can be leveraged to gain elevated system privileges, jeopardizing the integrity and security of the server. Organizations running Samsung MagicINFO 9 Server could face critical disruption of operations, data breaches, or unauthorized control of the system as a result.
Potential impact of CVE-2025-4632
- Unauthorized Access and Control: Attackers can exploit this vulnerability to gain elevated privileges, taking control of the server and potentially compromising the whole system.
- Data Breaches: The ability to write arbitrary files could enable malicious actors to manipulate or exfiltrate sensitive data, leading to significant data integrity and privacy concerns.
- Operational Disruption: Exploitation can cause downtime for digital signage platforms, affecting business continuity and overall service delivery.
CISA has reported CVE-2025-4632
CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitors the most dangerous vulnerabilities and has identified CVE-2025-4632 as being exploited, but it is not known by CISA to be used in ransomware campaigns. This may change quickly, as recent news articles suggest the vulnerability is being used by ransomware groups.
The CISA's recommendation is: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Affected Version(s)
MagicINFO 9 Server: all versions before 21.1052
News Articles

CISA Adds One Known Exploited Vulnerability to Catalog | CISA
CVE-2025-4632 Samsung MagicINFO 9 Server Path Traversal Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to...
2 weeks ago
Attackers Target Samsung MagicINFO Server Bug, Patch Now
CVE-2025-4632, a patch bypass for a Samsung MagicInfo 9 Server vulnerability disclosed last year, has been exploited by threat actors in the wild.
3 weeks ago
Samsung patches MagicINFO 9 Server vulnerability exploited by attackers - Help Net Security
Companies using Samsung MagicINFO 9 should upgrade to the latest available version to fix a vulnerability exploited by attackers in the wild.
3 weeks ago
EPSS Score
65% chance of being exploited in the next 30 days.
CVSS V3.1
Timeline
- CISA Reported
- Used in Ransomware
- Exploit known to exist
- First article discovered by The Hacker News
- Vulnerability published
- Vulnerability Reserved