CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20940
https://notcve.org/view.php?id=CVE-2025-20940
08 Apr 2025 — Improper handling of insufficient permission in Samsung Device Health Manager Service prior to SMR Apr-2025 Release 1 allows local attackers to access provider in SDMHS. • https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=04 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20938
https://notcve.org/view.php?id=CVE-2025-20938
08 Apr 2025 — Improper access control in SamsungContacts prior to SMR Apr-2025 Release 1 allows local attackers to access protected data in SamsungContacts. • https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=04 •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20936
https://notcve.org/view.php?id=CVE-2025-20936
08 Apr 2025 — Improper access control in HDCP trustlet prior to SMR Apr-2025 Release 1 allows local attackers with shell privilege to escalate their privileges to root. • https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=04 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20935
https://notcve.org/view.php?id=CVE-2025-20935
08 Apr 2025 — Improper handling of insufficient permission or privileges in ClipboardService prior to SMR Apr-2025 Release 1 allows local attackers to access files with system privilege. User interaction is required for triggering this vulnerability. • https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=04 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20934
https://notcve.org/view.php?id=CVE-2025-20934
08 Apr 2025 — Improper access control in Sticker Center prior to SMR Apr-2025 Release 1 allows local attackers to access image files with system privilege. • https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=04 • CWE-926: Improper Export of Android Application Components •
CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20912
https://notcve.org/view.php?id=CVE-2025-20912
06 Mar 2025 — Incorrect default permission in DiagMonAgent prior to SMR Mar-2025 Release 1 allows local attackers to access data within Galaxy Watch. • https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=03 •
CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20911
https://notcve.org/view.php?id=CVE-2025-20911
06 Mar 2025 — Improper access control in sem_wifi service prior to SMR Mar-2025 Release 1 allows privileged local attackers to update MAC address of Galaxy Watch. • https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=03 •
CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20910
https://notcve.org/view.php?id=CVE-2025-20910
06 Mar 2025 — Incorrect default permission in Galaxy Watch Gallery prior to SMR Mar-2025 Release 1 allows local attackers to access data in Galaxy Watch Gallery. • https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=03 •
CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20909
https://notcve.org/view.php?id=CVE-2025-20909
06 Mar 2025 — Use of implicit intent for sensitive communication in Settings prior to SMR Mar-2025 Release 1 allows local attackers to access sensitive information. • https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=03 •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20908
https://notcve.org/view.php?id=CVE-2025-20908
06 Mar 2025 — Use of insufficiently random values in Auracast prior to SMR Mar-2025 Release 1 allows adjacent attackers to access Auracast broadcasting. • https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=03 •