SB20251008154 - Multiple vulnerabilities in Samsung products
Published: October 8, 2025
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 13 vulnerabilities.
1) Out-of-bounds write (CVE-ID: CVE-2025-21066)
CWE-ID: CWE-787 - Out-of-bounds write
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error when processing untrusted input. A local attacker can trigger an out-of-bounds write and execute arbitrary code on the target system.
2) Out-of-bounds write (CVE-ID: CVE-2025-21067)
CWE-ID: CWE-787 - Out-of-bounds write
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error when processing untrusted input. A local attacker can trigger an out-of-bounds write and execute arbitrary code on the target system.
3) Out-of-bounds write (CVE-ID: CVE-2025-21068)
CWE-ID: CWE-787 - Out-of-bounds write
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error when processing untrusted input. A local attacker can trigger an out-of-bounds write and execute arbitrary code on the target system.
4) Out-of-bounds write (CVE-ID: CVE-2025-21069)
CWE-ID: CWE-787 - Out-of-bounds write
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error when processing untrusted input. A local attacker can trigger an out-of-bounds write and execute arbitrary code on the target system.
5) Out-of-bounds write (CVE-ID: CVE-2025-21070)
CWE-ID: CWE-787 - Out-of-bounds write
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error when processing untrusted input. A local attacker can trigger an out-of-bounds write and execute arbitrary code on the target system.
6) Use of implicit intent for sensitive communication (CVE-ID: CVE-2025-21057)
CWE-ID: CWE-927 - Use of Implicit Intent for Sensitive Communication
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local attacker to gain access to sensitive information on the system.
The vulnerability exists due to use of implicit intent for sensitive communication. A local attacker can access shared notes.
7) Improper access control (CVE-ID: CVE-2025-21058)
CWE-ID: CWE-284 - Improper Access Control
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local attacker to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to improper access restrictions. A local attacker can bypass implemented security restrictions and execute arbitrary code with SystemUI privilege.
8) Improper Authorization (CVE-ID: CVE-2025-21059)
CWE-ID: CWE-285 - Improper Authorization
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local attacker to bypass authorization checks.
The vulnerability exists due to improper authorization. A local attacker can gain access to data in Samsung Health.
9) Cleartext storage of sensitive information (CVE-ID: CVE-2025-21060)
CWE-ID: CWE-312 - Cleartext Storage of Sensitive Information
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local attacker to gain access to potentially sensitive information.
The vulnerability exists due to cleartext storage of sensitive information. A local attacker can access backup data from applications.
10) Cleartext storage of sensitive information (CVE-ID: CVE-2025-21061)
CWE-ID: CWE-312 - Cleartext Storage of Sensitive Information
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local attacker to gain access to potentially sensitive information.
The vulnerability exists due to cleartext storage of sensitive information. A local attacker can access backup data from applications.
11) Use of a broken or risky cryptographic algorithm (CVE-ID: CVE-2025-21062)
CWE-ID: CWE-327 - Use of a Broken or Risky Cryptographic Algorithm
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local attacker to compromise the target system.
The vulnerability exists due to use of a broken or risky cryptographic algorithm. A local attacker can replace the restoring application.
12) Improper access control (CVE-ID: CVE-2025-21063)
CWE-ID: CWE-284 - Improper Access Control
CVSSv4: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local attacker to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to improper access restrictions. An attacker with physical access can bypass implemented security restrictions and access recording files on the lock screen.
13) Command Injection (CVE-ID: CVE-2025-21065)
CWE-ID: CWE-77 - Command injection
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote attacker to execute arbitrary commands on the system.
The vulnerability exists due to insufficient input validation. A remote user can pass specially crafted data to the application and execute arbitrary commands.
Remediation
Install update from vendor's website.