CVE-2025-4632

Critical KEV CVSS: 9.8

Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1052 allows attackers to write arbitrary file as system authority.

Vendor

Samsung

Product

Magicinfo 9 Server

CWE

CWE-22

Yayın Tarihi

2025-05-13 06:15:36

Güncelleme

2025-11-03 18:58:05

Source Identifier

PSIRT@samsung.com

KEV Date Added

2025-05-22

Kategoriler

CWE-22 Magicinfo 9 Server CRITICAL Samsung 2025

Referanslar

https://security.samsungtv.com/securityUpdates#SVP-MAY-2025 https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-4632

Benzer Kayıtlar

High

CVE-2025-54601

An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor amd Wearable Processor Exynos 980, 850, 1080, 12…

Critical

CVE-2025-54328

An issue was discovered in SMS in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 21…

High

CVE-2025-54602

An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 12…

High

CVE-2025-57834

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem (Exynos 980, 850, 990, 1080, 2100, 12…

High

CVE-2025-54324

An issue was discovered in NAS in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 21…

Critical

CVE-2025-58349

An issue was discovered in L2 in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 210…