Local Privilege Escalation Vulnerability in Samsung MagicINFO 9 Server
CVE-2026-25203

7.8HIGH

Key Information:

Vendor: Samsung Electronics
Status: Magicinfo 9 Server
Vendor: CVE Published:; 10 April 2026

🔔 Create Samsung Electronics Vulnerability Alert

What is CVE-2026-25203?

The Samsung MagicINFO 9 Server is impacted by a local privilege escalation vulnerability due to incorrect default permissions. This allows an attacker with local access to escalate privileges and potentially execute unauthorized actions within the system. It is essential to update to versions 21.1091.1 or later to mitigate this security risk. For more information, please refer to Samsung's security updates.

Affected Version(s)

MagicINFO 9 Server 21.1091.1

References

https://security.samsungtv.com/securityUpdates

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 10, 2026
Vulnerability Reserved
Jan 30, 2026

CVE-2026-25203 Data

JSON