Arbitrary File Creation Vulnerability in Samsung DMS
CVE-2025-53081

9.1CRITICAL

Key Information:

Vendor: Samsung Electronics
Status: Data Management Server
Vendor: CVE Published:; 29 July 2025

🔔 Create Samsung Electronics Vulnerability Alert

What is CVE-2025-53081?

A vulnerability in Samsung's Data Management Server (DMS) allows unauthorized users to create arbitrary files in unintended locations within the filesystem. This issue is particularly concerning as exploitation is limited to specific authorized private IP addresses, potentially allowing attackers with access to these IP addresses to manipulate system files, which could lead to further security breaches or data corruption. It's crucial for administrators to monitor and apply security updates to mitigate potential risks associated with this vulnerability.

Affected Version(s)

Data Management Server 2.0.0 < 2.3.13.1

Data Management Server 2.5.0.17 < 2.6.14.1

Data Management Server 2.7.0.15 < 2.9.3.6

References

https://security.samsungda.com/securityUpdates.html

CVSS V3.1

Score:

9.1

Severity:

CRITICAL

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 29, 2025
Vulnerability Reserved
Jun 24, 2025

Credit

Noam Moshe of Claroty Team82

JSON