Code Injection Vulnerability in Samsung MagicINFO 9 Server
CVE-2025-54451

9.8CRITICAL

Key Information:

Vendor: Samsung Electronics
Status: Magicinfo 9 Server
Vendor: CVE Published:; 23 July 2025

🔔 Create Samsung Electronics Vulnerability Alert

What is CVE-2025-54451?

A vulnerability in Samsung Electronics' MagicINFO 9 Server enables attackers to perform code injection. This flaw affects versions prior to 21.1080.0, posing significant risks to the integrity and confidentiality of systems utilizing the software. By exploiting this issue, malicious actors could inject harmful code, resulting in unauthorized actions and potential data breaches. Users and administrators should ensure their systems are updated to mitigate these risks. For further information and security updates, please refer to Samsung's security portal.

Affected Version(s)

MagicINFO 9 Server 21.1080.0

References

https://security.samsungtv.com/securityUpdates

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 23, 2025
Vulnerability Reserved
Jul 22, 2025