CVE-2025-21079

High CVSS: 7.1

Improper input validation in Samsung Members prior to version 5.5.01.3 allows remote attackers to connect arbitrary URL and launch arbitrary activity with Samsung Members privilege. User interaction is required for triggering this vulnerability.

Vendor

Samsung

Product

Members

CWE

NVD-CWE-noinfo

Yayın Tarihi

2025-11-05 06:15:34

Güncelleme

2025-11-07 15:46:21

Source Identifier

mobile.security@samsung.com

KEV Date Added

Kategoriler

NVD-CWE-noinfo Members HIGH Samsung 2025

Referanslar

https://security.samsungmobile.com/serviceWeb.smsb?year=2025&month=11

Benzer Kayıtlar

High

CVE-2025-54601

An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor amd Wearable Processor Exynos 980, 850, 1080, 12…

Critical

CVE-2025-54328

An issue was discovered in SMS in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 21…

High

CVE-2025-54602

An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 12…

High

CVE-2025-57834

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem (Exynos 980, 850, 990, 1080, 2100, 12…

High

CVE-2025-54324

An issue was discovered in NAS in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 21…

Critical

CVE-2025-58349

An issue was discovered in L2 in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 210…