Improper Input Validation in Samsung Products Allows Bypass of Network Restrictions
CVE-2026-21003

5.2MEDIUM

Key Information:

Vendor: Samsung
Status: Samsung Devices
Vendor: CVE Published:; 13 April 2026

What is CVE-2026-21003?

An improper input validation vulnerability exists in Samsung mobile devices that allows physical attackers to bypass network restrictions before the SMR release of April 2026. This flaw could enable unauthorized access to sensitive data by exploiting insufficient validation mechanisms.

Affected Version(s)

Samsung Mobile Devices SMR Apr-2026 Release in Selected Android 14, 15, 16 devices

References

https://security.samsungmobile.com/securityUpdate.smsb?ye...

CVSS V4

Score:

5.2

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

High

Attack Vector:

Physical

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 13, 2026
Vulnerability Reserved
Dec 11, 2025

CVE-2026-21003 Data

JSON