Improper Input Validation in Samsung Account Affects Security
CVE-2025-58486

4MEDIUM

Key Information:

Vendor: Samsung
Status: Samsung Account
Vendor: CVE Published:; 2 December 2025

What is CVE-2025-58486?

An input validation vulnerability in Samsung Account allows local attackers to execute arbitrary scripts. This flaw, present in versions prior to 15.5.01.1, can potentially compromise user security by enabling unauthorized script execution, thereby heightening the risk of data breaches and system manipulation.

Affected Version(s)

Samsung Account 15.5.01.1

References

https://security.samsungmobile.com/serviceWeb.smsb?year=2...

CVSS V3.1

Score:

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 2, 2025
Vulnerability Reserved
Sep 3, 2025

JSON