CVE-2021-25367

LOW

Samsung Notes <4.2.00.22 - Path Traversal

Title source: llm
STIX 2.1

Description

Path Traversal vulnerability in Samsung Notes prior to version 4.2.00.22 allows attackers to access local files without permission.

References (2)

Core 2
Core References
Vendor Advisory x_refsource_misc
https://security.samsungmobile.com/
Vendor Advisory x_refsource_confirm
https://security.samsungmobile.com/serviceWeb.smsb

Scores

CVSS v3 3.7
EPSS 0.0021
EPSS Percentile 43.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N

Details

CWE
CWE-22
Status published
Products (1)
samsung/notes < 4.2.00.22
Published Mar 25, 2021
Tracked Since Feb 18, 2026