Improper Access Control in SmartThingsKit by Samsung
CVE-2026-21050

5.1MEDIUM

Key Information:

Vendor

Samsung

Vendor
CVE Published:
10 July 2026

What is CVE-2026-21050?

An improper access control vulnerability exists in SmartThingsKit that can be exploited by local attackers to gain access to sensitive information. This flaw precedes the SMR Jul-2026 Release 1, potentially posing risks to users relying on the SmartThings ecosystem.

Affected Version(s)

Samsung Mobile Devices SMR Jul-2026 Release in Android 16

References

CVSS V4

Score:
5.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.