CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20903
https://notcve.org/view.php?id=CVE-2025-20903
06 Mar 2025 — Improper access control in SecSettingsIntelligence prior to SMR Mar-2025 Release 1 allows local attackers to launch privileged activities. User interaction is required for triggering this vulnerability. • https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=03 •
CVSS: 6.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20907
https://notcve.org/view.php?id=CVE-2025-20907
04 Feb 2025 — Improper privilege management in Samsung Find prior to SMR Feb-2025 Release 1 allows local privileged attackers to disable Samsung Find. • https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=02 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20906
https://notcve.org/view.php?id=CVE-2025-20906
04 Feb 2025 — Improper Export of Android Application Components in Settings prior to SMR Feb-2025 Release 1 allows local attackers to enable ADB. • https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=02 •
CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20905
https://notcve.org/view.php?id=CVE-2025-20905
04 Feb 2025 — Out-of-bounds read and write in mPOS TUI trustlet prior to SMR Feb-2025 Release 1 allows local privileged attackers to read and write out-of-bounds memory. • https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=02 •
CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20904
https://notcve.org/view.php?id=CVE-2025-20904
04 Feb 2025 — Out-of-bounds write in mPOS TUI trustlet prior to SMR Feb-2025 Release 1 allows local privileged attackers to cause memory corruption. • https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=02 •
CVSS: 5.1EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20893
https://notcve.org/view.php?id=CVE-2025-20893
04 Feb 2025 — Improper access control in NotificationManager prior to SMR Jan-2025 Release 1 allows local attackers to change the configuration of notifications. • https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=01 •
CVSS: 6.6EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20892
https://notcve.org/view.php?id=CVE-2025-20892
04 Feb 2025 — Protection Mechanism Failure in bootloader prior to SMR Jan-2025 Release 1 allows physical attackers to allow to execute fastboot command. User interaction is required for triggering this vulnerability. • https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=01 •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20891
https://notcve.org/view.php?id=CVE-2025-20891
04 Feb 2025 — Out-of-bounds read in decoding malformed bitstream of video thumbnails in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to read arbitrary memory. User interaction is required for triggering this vulnerability. • https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=01 •
CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20890
https://notcve.org/view.php?id=CVE-2025-20890
04 Feb 2025 — Out-of-bounds write in decoding frame buffer in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to execute arbitrary code with privilege. User interaction is required for triggering this vulnerability. • https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=01 •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20889
https://notcve.org/view.php?id=CVE-2025-20889
04 Feb 2025 — Out-of-bounds read in decoding malformed bitstream for smp4vtd in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to read arbitrary memory. User interaction is required for triggering this vulnerability. • https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=01 •