CVE-2021-25369
Samsung Mobile Devices Improper Access Control Vulnerability
CVSS
—
Sin CVSS
EPSS
1.1%
p63
KEV
SÍ
8 nov 2022
Exploit Today
69
0-100
Publicado: — · Última mod.: —
Producto
Samsung / Mobile Devices
Vulnerabilidad
Samsung Mobile Devices Improper Access Control Vulnerability
Añadido a KEV
8 nov 2022
Remediar antes de
29 nov 2022
Uso conocido en ransomware
No
Descripción resumida
Samsung mobile devices using Mali GPU contains an improper access control vulnerability in sec_log file. Exploitation of the vulnerability exposes sensitive kernel information to the userspace. This vulnerability was chained with CVE-2021-25337 and CVE-2021-25370.
Acción requerida
Apply updates per vendor instructions.
Notas
https://security.samsungmobile.com/securityUpdate.smsb; https://nvd.nist.gov/vuln/detail/CVE-2021-25369