Privilege Escalation Vulnerability in Samsung Bluetooth Products
CVE-2026-21011

5.4 MEDIUM

Key Information:

Vendor: Samsung
CVE Published: 13 April 2026

What is CVE-2026-21011?

A vulnerability exists in Samsung Bluetooth products where incorrect privilege assignment during Maintenance mode can allow physical attackers to bypass the Extend Unlock feature. This flaw may lead to unauthorized access, compromising device security and user privacy. Users are encouraged to update their devices to the latest firmware to mitigate the risks associated with this vulnerability.

Affected Version(s)

Samsung Mobile Devices SMR Apr-2026 Release in Android 14, 15, 16

CVSS V4

Score: 5.4
Severity: MEDIUM
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Physical
Attack Complexity: Low
Attack Required: Physical
Privileges Required: Undefined
User Interaction: Unknown

Timeline

  • Vulnerability published

  • Vulnerability Reserved
