Path Traversal Vulnerability in Samsung DMS Affects File Integrity
CVE-2025-53080

7.1HIGH

Key Information:

Vendor: Samsung Electronics
Status: Data Management Server
Vendor: CVE Published:; 29 July 2025

🔔 Create Samsung Electronics Vulnerability Alert

What is CVE-2025-53080?

A path traversal vulnerability exists in Samsung's Data Management Server (DMS) that enables authenticated attackers to create arbitrary files in unintended locations within the filesystem. This flaw arises from improper limitations on pathname access, which can potentially lead to unauthorized data manipulation and files being stored outside designated directories. It is essential for users to apply appropriate security measures to safeguard their systems against this type of attack.

Affected Version(s)

Data Management Server 2.0.0 < 2.3.13.1

Data Management Server 2.5.0.17 < 2.6.14.1

Data Management Server 2.7.0.15 < 2.9.3.6

References

https://security.samsungda.com/securityUpdates.html

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

Low

Integrity:

High

Availability:

Low

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 29, 2025
Vulnerability Reserved
Jun 24, 2025

Credit

Noam Moshe of Claroty Team82