Improper Access Control in Samsung SE Agent Service
CVE-2026-21041

6.9MEDIUM

Key Information:

Vendor

Samsung

Vendor
CVE Published:
10 July 2026

What is CVE-2026-21041?

The Samsung SE Agent Service is susceptible to an improper access control vulnerability. This issue allows local attackers to exploit weaknesses in the system, enabling them to gain unauthorized access to sensitive information. Affected versions are those prior to the SMR Jul-2026 Release 1. It is crucial for users to update their systems to ensure protection against this vulnerability.

Affected Version(s)

Samsung Mobile Devices SMR Jul-2026 Release in Android 15, 16

References

CVSS V4

Score:
6.9
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.