Privilege Escalation Vulnerability in Samsung Telephony Software
CVE-2026-21025

6.9MEDIUM

Key Information:

Vendor: Samsung
Status: Samsung Devices
Vendor: CVE Published:; 5 June 2026

What is CVE-2026-21025?

A privilege escalation vulnerability exists in Samsung's Telephony software prior to the SMR Jun-2026 Release 1. This flaw allows local attackers to gain unauthorized access to sensitive information by exploiting incorrect privilege assignments. Organizations using affected versions of Samsung's Telephony software should prioritize updating to the latest release to mitigate potential risks associated with this vulnerability.

Affected Version(s)

Samsung Mobile Devices SMR Jun-2026 Release in Android 14, 15, 16

References

https://security.samsungmobile.com/securityUpdate.smsb?ye...

CVSS V4

Score:

6.9

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 5, 2026
Vulnerability Reserved
Dec 11, 2025

CVE-2026-21025 Data

JSON