MEDIUM🇬🇧 English

CVE-2025-20995

CVSS 4.9v3.1pub. 2025-06-04upd. 2025-12-04

Improper handling of insufficient permission in ClientProvider in Samsung Internet installed on non-Samsung Device prior to version 28.0.0.59 allows local attackers to read and write arbitrary files.

oryginał EN
CVSS Vector
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
  • Samsung Internet

    APP
    Samsung
    < 28.0.0.59
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2021-25418HIGH7.8ten sam produkt

Improper component protection vulnerability in Samsung Internet prior to version 14.0.1.62 allows untrusted ap...

CVE-2021-25400HIGH7.8ten sam produkt

Intent redirection vulnerability in Samsung Internet prior to version 14.0.1.20 allows attacker to execute pri...

CVE-2026-21036MEDIUM6.3ten sam produkt

Improper authorization in Samsung Internet prior to version 30.0.0.39 allows local attackers to access sensiti...

CVE-2025-58485MEDIUM5.5ten sam produkt

Improper input validation in Samsung Internet prior to version 29.0.0.48 allows local attackers to inject arbi...

CVE-2025-20994MEDIUM4.5ten sam produkt

Improper handling of insufficient permission in SyncClientProvider in Samsung Internet installed on non-Samsun...