Improper Access Control in MediaTek Audio HAL Affects Samsung Devices
CVE-2026-21030

6.4MEDIUM

Key Information:

Vendor: Samsung
Status: Samsung Devices
Vendor: CVE Published:; 5 June 2026

What is CVE-2026-21030?

The vulnerability in MediaTek Audio HAL allows local attackers to exploit improper access controls, potentially triggering privileged functions that should be restricted. This flaw affects versions leading up to the SMR Jun-2026 Release 1, posing a risk to Samsung devices utilizing this audio hardware layer. Proper mitigations and updates are essential to secure the system against such exploits.

Affected Version(s)

Samsung Mobile Devices SMR Jun-2026 Release in Android 14, 15, 16

References

https://security.samsungmobile.com/securityUpdate.smsb?ye...

CVSS V4

Score:

6.4

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 5, 2026
Vulnerability Reserved
Dec 11, 2025

CVE-2026-21030 Data

JSON