Incorrect Default Permissions in Samsung Cloud Assistant
CVE-2025-58484
4MEDIUM
What is CVE-2025-58484?
The Samsung Cloud Assistant suffers from incorrect default permissions in versions before 8.0.03.8, which may permit local attackers to access sensitive data stored within the app's sandbox environment. This vulnerability can potentially expose partial user data, raising concerns about data confidentiality and user privacy. It's crucial for users to upgrade to the latest version to safeguard against such risks.
Affected Version(s)
Samsung Cloud Assistant 8.0.03.8
References
CVSS V3.1
Score:
4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved