| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 8 |
| CVE-ID | CVE-2025-58481 CVE-2025-58482 CVE-2025-58483 CVE-2025-58484 CVE-2025-58485 CVE-2025-58486 CVE-2025-58487 CVE-2025-58488 |
| CWE-ID | CWE-284 CWE-926 CWE-276 CWE-20 CWE-285 CWE-940 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software | MotionPhoto, Galaxy Store for Galaxy Watch, Cloud Assistant, Samsung Internet, Account, SmartTouchCall (all: Mobile applications / Apps for mobile phones) |
| Vendor | Samsung |
Security Bulletin
This security bulletin contains information about 8 vulnerabilities.
EUVDB-ID: #VU119093
Risk: Low
CVSSv4.0: 4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-58481
CWE-ID: CWE-284 - Improper Access Control
Exploit availability: No
Description: The vulnerability allows a local user to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to improper access restrictions in MPRemoteService. A local user can bypass the implemented security restrictions and start a privileged service.
Mitigation: Install updates from the vendor's website.
Vulnerable software versions: MotionPhoto: before 4.1.51
External links: https://security.samsungmobile.com/serviceWeb.smsb?year=2025&month=12
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How can the attacker exploit this vulnerability?
The attacker would have to trick the victim into performing certain actions on the device.
The attacker would have to log in to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU119094
Risk: Low
CVSSv4.0: 4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-58482
CWE-ID: CWE-284 - Improper Access Control
Exploit availability: No
Description: The vulnerability allows a local user to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to improper access restrictions in MPLocalService. A local user can bypass the implemented security restrictions and start a privileged service.
Mitigation: Install updates from the vendor's website.
Vulnerable software versions: MotionPhoto: before 4.1.51
External links: https://security.samsungmobile.com/serviceWeb.smsb?year=2025&month=12
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How can the attacker exploit this vulnerability?
The attacker would have to trick the victim into performing certain actions on the device.
The attacker would have to log in to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU119095
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-58483
CWE-ID: CWE-926 - Improper Export of Android Application Components
Exploit availability: No
Description: The vulnerability allows a local attacker to compromise the target system.
The vulnerability exists due to improper export of Android application components. A local attacker can install an arbitrary application on Galaxy Store.
Mitigation: Install updates from the vendor's website.
Vulnerable software versions: Galaxy Store for Galaxy Watch: before 1.0.06.29
External links: https://security.samsungmobile.com/serviceWeb.smsb?year=2025&month=12
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How can the attacker exploit this vulnerability?
The attacker would have to trick the victim into performing certain actions on the device.
The attacker would have to log in to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU119096
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-58484
CWE-ID: CWE-276 - Incorrect Default Permissions
Exploit availability: No
Description: The vulnerability allows a local attacker to gain access to sensitive information on the system.
The vulnerability exists due to incorrect default permissions. A local attacker can access partial data in the sandbox.
Mitigation: Install updates from the vendor's website.
Vulnerable software versions: Cloud Assistant: before 8.0.03.8
External links: https://security.samsungmobile.com/serviceWeb.smsb?year=2025&month=12
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How can the attacker exploit this vulnerability?
The attacker would have to trick the victim into performing certain actions on the device.
The attacker would have to log in to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU119098
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-58485
CWE-ID: CWE-20 - Improper input validation
Exploit availability: No
Description: The vulnerability allows a local user to compromise the target system.
The vulnerability exists due to insufficient validation of user-supplied input. A local user can pass specially crafted input to the application and inject an arbitrary script.
Mitigation: Install updates from the vendor's website.
Vulnerable software versions: Samsung Internet: before 29.0.0.48
External links: https://security.samsungmobile.com/serviceWeb.smsb?year=2025&month=12
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How can the attacker exploit this vulnerability?
The attacker would have to trick the victim into performing certain actions on the device.
The attacker would have to log in to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU119099
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-58486
CWE-ID: CWE-20 - Improper input validation
Exploit availability: No
Description: The vulnerability allows a local attacker to compromise the target system.
The vulnerability exists due to insufficient validation of user-supplied input. A local attacker can pass specially crafted input to the application and inject an arbitrary script.
Mitigation: Install updates from the vendor's website.
Vulnerable software versions: Account: before 15.5.01.1
External links: https://security.samsungmobile.com/serviceWeb.smsb?year=2025&month=12
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How can the attacker exploit this vulnerability?
The attacker would have to trick the victim into performing certain actions on the device.
The attacker would have to log in to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU119100
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-58487
CWE-ID: CWE-285 - Improper Authorization
Exploit availability: No
Description: The vulnerability allows a local attacker to bypass authorization checks.
The vulnerability exists due to improper authorization. A local attacker can launch an arbitrary activity with Samsung Account privilege.
Mitigation: Install updates from the vendor's website.
Vulnerable software versions: Account: before 15.5.01.1
External links: https://security.samsungmobile.com/serviceWeb.smsb?year=2025&month=12
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How can the attacker exploit this vulnerability?
The attacker would have to trick the victim into performing certain actions on the device.
The attacker would have to log in to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU119101
Risk: Medium
CVSSv4.0: 4 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2025-58488
CWE-ID: CWE-940 - Improper Verification of Source of a Communication Channel
Exploit availability: No
Description: The vulnerability allows a remote user to compromise the target system.
The vulnerability exists due to improper verification of the source of a communication channel. A remote administrator can gain access to sensitive information.
Mitigation: Install updates from the vendor's website.
Vulnerable software versions: SmartTouchCall: before 1.0.1.1
External links: https://security.samsungmobile.com/serviceWeb.smsb?year=2025&month=12
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How can the attacker exploit this vulnerability?
The attacker would have to trick the victim into performing certain actions on the device.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.