CVE-2021-25377

LOW

Samsung Experience Service <12.2.0.5 - Privilege Escalation

Title source: llm
STIX 2.1

Description

Intent redirection in Samsung Experience Service versions 10.8.0.4 in Android P(9.0) below, and 12.2.0.5 in Android Q(10.0) above allows attacker to execute privileged action.

References (2)

Core 2
Core References
Vendor Advisory x_refsource_confirm
https://security.samsungmobile.com/
Vendor Advisory x_refsource_confirm
https://security.samsungmobile.com/serviceWeb.smsb

Scores

CVSS v3 3.3
EPSS 0.0004
EPSS Percentile 13.5%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Details

CWE
CWE-269 CWE-287
Status published
Products (1)
samsung/experience_service < 10.8.0.4
Published Apr 09, 2021
Tracked Since Feb 18, 2026