Incorrect Default Permissions in Samsung Cloud Assistant
CVE-2025-58484

4MEDIUM

Key Information:

Vendor: Samsung
Status: Samsung Cloud Assistant
Vendor: CVE Published:; 2 December 2025

What is CVE-2025-58484?

The Samsung Cloud Assistant suffers from incorrect default permissions in versions before 8.0.03.8, which may permit local attackers to access sensitive data stored within the app's sandbox environment. This vulnerability can potentially expose partial user data, raising concerns about data confidentiality and user privacy. It's crucial for users to upgrade to the latest version to safeguard against such risks.

Affected Version(s)

Samsung Cloud Assistant 8.0.03.8

References

https://security.samsungmobile.com/serviceWeb.smsb?year=2...

CVSS V3.1

Score:

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 2, 2025
Vulnerability Reserved
Sep 3, 2025

JSON