Arbitrary File Creation Vulnerability in Samsung DMS
CVE-2025-53081

6.4MEDIUM

Key Information:

Vendor: Samsung Electronics
Status: Data Management Server
Vendor: CVE Published:; 29 July 2025

🔔 Create Samsung Electronics Vulnerability Alert

What is CVE-2025-53081?

A vulnerability in Samsung's Data Management Server (DMS) allows unauthorized users to create arbitrary files in unintended locations within the filesystem. This issue is particularly concerning as exploitation is limited to specific authorized private IP addresses, potentially allowing attackers with access to these IP addresses to manipulate system files, which could lead to further security breaches or data corruption. It's crucial for administrators to monitor and apply security updates to mitigate potential risks associated with this vulnerability.

Affected Version(s)

Data Management Server 2.0.0 < 2.3.13.1

Data Management Server 2.5.0.17 < 2.6.14.1

Data Management Server 2.7.0.15 < 2.9.3.6

References

https://security.samsungda.com/securityUpdates.html

CVSS V3.1

Score:

6.4

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

High

Availability:

Low

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 29, 2025
Vulnerability Reserved
Jun 24, 2025

Credit

Noam Moshe of Claroty Team82