Improper Export in Samsung Auto Affects Android Applications
CVE-2026-21034

4.8MEDIUM

Key Information:

Vendor

Samsung

Vendor
CVE Published:
5 June 2026

What is CVE-2026-21034?

The vulnerability arises from the improper export of application components in Samsung Auto, affecting versions prior to 3.1.2.61 on Android 15 and 3.2.0.38 on Android 16. This flaw could allow a local attacker to manipulate audio configurations, potentially leading to unauthorized changes in application behavior or user experience.

Affected Version(s)

Samsung Auto 3.1.2.61 in Android 15 and 3.2.0.38 in Android 16

References

CVSS V4

Score:
4.8
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.