CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20952
https://notcve.org/view.php?id=CVE-2025-20952
09 Apr 2025 — Improper access control in Mdecservice prior to SMR Apr-2025 Release 1 allows local attackers to access arbitrary files with system privilege. • https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=04 •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20946
https://notcve.org/view.php?id=CVE-2025-20946
08 Apr 2025 — Improper handling of exceptional conditions in pairing specific bluetooth devices in Galaxy Watch Bluetooth pairing prior to SMR Apr-2025 Release 1 allows local attackers to pair with specific bluetooth devices without user interaction. • https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=04 •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20939
https://notcve.org/view.php?id=CVE-2025-20939
08 Apr 2025 — Improper authorization in wireless download protocol in Galaxy Watch prior to SMR Apr-2025 Release 1 allows physical attackers to update device unique identifier of Watch devices. • https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=04 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20948
https://notcve.org/view.php?id=CVE-2025-20948
08 Apr 2025 — Out-of-bounds read in enrollment with cdsp frame secfr trustlet prior to SMR Apr-2025 Release 1 allows local privileged attackers to read out-of-bounds memory. • https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=04 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20947
https://notcve.org/view.php?id=CVE-2025-20947
08 Apr 2025 — Improper handling of insufficient permission or privileges in ClipboardService prior to SMR Apr-2025 Release 1 allows local attackers to access image files across multiple users. User interaction is required for triggering this vulnerability. • https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=04 •
CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20945
https://notcve.org/view.php?id=CVE-2025-20945
08 Apr 2025 — Improper access control in Galaxy Watch prior to SMR Apr-2025 Release 1 allows local attackers to access sensitive information of Galaxy watch. • https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=04 •
CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20944
https://notcve.org/view.php?id=CVE-2025-20944
08 Apr 2025 — Out-of-bounds read in parsing audio data in libsavsac.so prior to SMR Apr-2025 Release 1 allows local attackers to read out-of-bounds memory. • https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=04 •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20943
https://notcve.org/view.php?id=CVE-2025-20943
08 Apr 2025 — Out-of-bounds write in secfr trustlet prior to SMR Apr-2025 Release 1 allows local privileged attackers to cause memory corruption. • https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=04 •
CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20942
https://notcve.org/view.php?id=CVE-2025-20942
08 Apr 2025 — Improper Verification of Intent by Broadcast Receiver in DeviceIdService prior to SMR Apr-2025 Release 1 allows local attackers to reset OAID. • https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=04 •
CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20941
https://notcve.org/view.php?id=CVE-2025-20941
08 Apr 2025 — Improper access control in InputManager to SMR Apr-2025 Release 1 allows local attackers to access the scancode of specific input device. • https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=04 •