CVE-2021-25352

MEDIUM

Bixby Voice <3.0.52.14 - Privilege Escalation

Title source: llm

Description

Using PendingIntent with implicit intent in Bixby Voice prior to version 3.0.52.14 allows attackers to execute privileged action by hijacking and modifying the intent.

References (2)

Scores

CVSS v3 5.5
EPSS 0.0004
EPSS Percentile 10.8%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Classification

CWE
CWE-285 CWE-668
Status published

Affected Products (1)

samsung/bixby_voice < 3.0.52.14

Timeline

Published Mar 25, 2021
Tracked Since Feb 18, 2026