fkie_cve-2021-25337
Vulnerability from fkie_nvd
Published
2021-03-04 21:15
Modified
2025-02-14 16:41
Severity ?
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
7.1 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
7.1 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
Summary
Improper access control in clipboard service in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows untrusted applications to read or write certain local files.
References
Impacted products
{
"cisaActionDue": "2022-11-29",
"cisaExploitAdd": "2022-11-08",
"cisaRequiredAction": "Apply updates per vendor instructions.",
"cisaVulnerabilityName": "Samsung Mobile Devices Improper Access Control Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:samsung:android:9.0:smr-apr-2019-r1:*:*:*:*:*:*",
"matchCriteriaId": "858555E6-5D30-4BBF-A5CD-FD1882209ABB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:samsung:android:9.0:smr-apr-2020-r1:*:*:*:*:*:*",
"matchCriteriaId": "18D4924F-44AB-4E63-8040-D0B96F147BC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:samsung:android:9.0:smr-aug-2019-r1:*:*:*:*:*:*",
"matchCriteriaId": "8150E4FA-8F29-4974-BDE8-ED192879DEFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:samsung:android:9.0:smr-aug-2020-r1:*:*:*:*:*:*",
"matchCriteriaId": "D021B217-C481-43D1-A3E6-375E40BD4FB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:samsung:android:9.0:smr-dec-2018-r1:*:*:*:*:*:*",
"matchCriteriaId": "72145BA5-C781-4E36-BB39-33DD92B2F801",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:samsung:android:9.0:smr-dec-2019-r1:*:*:*:*:*:*",
"matchCriteriaId": "A2E3ED73-5CF8-451F-914B-123B2312110D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:samsung:android:9.0:smr-dec-2020-r1:*:*:*:*:*:*",
"matchCriteriaId": "6986831F-0AF0-4719-BA45-4485D44D6707",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:samsung:android:9.0:smr-feb-2019-r1:*:*:*:*:*:*",
"matchCriteriaId": "08E7C018-1293-4E29-83EB-AF177CA6B179",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:samsung:android:9.0:smr-feb-2020-r1:*:*:*:*:*:*",
"matchCriteriaId": "6AB1563D-A951-4A9C-B348-0684DA242B05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:samsung:android:9.0:smr-feb-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "3B9A3B41-AAC9-4E23-A265-959A9852B94C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:samsung:android:9.0:smr-jan-2019-r1:*:*:*:*:*:*",
"matchCriteriaId": "D52A71AE-3D39-4F29-806B-603FE098510A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:samsung:android:9.0:smr-jan-2020-r1:*:*:*:*:*:*",
"matchCriteriaId": "10C1DF2B-8371-4259-9139-7260EACEE98D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:samsung:android:9.0:smr-jan-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "B93A5F5F-BF53-44D3-9583-811CC284DF86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:samsung:android:9.0:smr-jul-2019-r1:*:*:*:*:*:*",
"matchCriteriaId": "60E1950A-282D-4065-AAA5-9BBB7F8D2C5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:samsung:android:9.0:smr-jul-2020-r1:*:*:*:*:*:*",
"matchCriteriaId": "4996EB5E-1FAB-4799-AE46-8176D74C49D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:samsung:android:9.0:smr-jun-2019-r1:*:*:*:*:*:*",
"matchCriteriaId": "28950DDB-004F-4E01-9BBD-F5A320556D53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:samsung:android:9.0:smr-jun-2020-r1:*:*:*:*:*:*",
"matchCriteriaId": "48B55CF5-CF20-48F7-A806-1234436566E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:samsung:android:9.0:smr-mar-2019-r1:*:*:*:*:*:*",
"matchCriteriaId": "BF3FE371-E773-4AF6-A8DC-0FD9EF615647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:samsung:android:9.0:smr-mar-2020-r1:*:*:*:*:*:*",
"matchCriteriaId": "45104240-9D60-47EA-8582-1F912FE7A1F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:samsung:android:9.0:smr-may-2019-r1:*:*:*:*:*:*",
"matchCriteriaId": "9F7D7092-5423-4CD1-819D-B784106D1342",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:samsung:android:9.0:smr-may-2020-r1:*:*:*:*:*:*",
"matchCriteriaId": "7CA7EA43-3CD8-4529-9071-3FB14EE30F45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:samsung:android:9.0:smr-nov-2018-r1:*:*:*:*:*:*",
"matchCriteriaId": "5A9693C8-FE11-4E03-8D4A-0D6FE77627DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:samsung:android:9.0:smr-nov-2019-r1:*:*:*:*:*:*",
"matchCriteriaId": "B4561F7F-6B1F-412D-A174-5F9709ACF806",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:samsung:android:9.0:smr-nov-2020-r1:*:*:*:*:*:*",
"matchCriteriaId": "A54F7006-979F-4DF5-A350-77DC3A68536E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:samsung:android:9.0:smr-oct-2018-r1:*:*:*:*:*:*",
"matchCriteriaId": "9282540E-26C5-4140-9074-480DB7F5DE41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:samsung:android:9.0:smr-oct-2019-r1:*:*:*:*:*:*",
"matchCriteriaId": "BB304E43-DCCB-42E1-8B44-0825C9C437FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:samsung:android:9.0:smr-oct-2020-r1:*:*:*:*:*:*",
"matchCriteriaId": "59BF1A24-8AC5-482F-B872-38D625FC669F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:samsung:android:9.0:smr-sep-2019-r1:*:*:*:*:*:*",
"matchCriteriaId": "0EC7719C-8C21-4203-9ED9-E4C048FA5CF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:samsung:android:9.0:smr-sep-2020-r1:*:*:*:*:*:*",
"matchCriteriaId": "2427A8F0-035E-4DB5-8B91-EBD8E826F6DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:samsung:android:10.0:smr-apr-2020-r1:*:*:*:*:*:*",
"matchCriteriaId": "49DA0B6E-5E55-4893-8225-299E20DA2DD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:samsung:android:10.0:smr-aug-2020-r1:*:*:*:*:*:*",
"matchCriteriaId": "EF52B720-DC8C-4EF0-B20B-7FA8B192FAFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:samsung:android:10.0:smr-dec-2019-r1:*:*:*:*:*:*",
"matchCriteriaId": "6A0B5D2C-7AED-4330-ADAD-60F78A6A08DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:samsung:android:10.0:smr-dec-2020-r1:*:*:*:*:*:*",
"matchCriteriaId": "7C7B9407-D5E0-49EB-A05D-C5E02060AF36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:samsung:android:10.0:smr-feb-2020-r1:*:*:*:*:*:*",
"matchCriteriaId": "F10815EF-AA9D-4899-B4EF-ED7A96E46959",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:samsung:android:10.0:smr-feb-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "18C71F11-7599-4AE1-B455-C7A50D8D5F4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:samsung:android:10.0:smr-jan-2020-r1:*:*:*:*:*:*",
"matchCriteriaId": "91EA248A-4D4D-4A50-AC33-7098E17B7892",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:samsung:android:10.0:smr-jan-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "878AAF2D-E54A-4145-A618-81341ED4B0C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:samsung:android:10.0:smr-jul-2020-r1:*:*:*:*:*:*",
"matchCriteriaId": "F3A43712-94EF-4670-A2FD-4363CBE850DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:samsung:android:10.0:smr-jun-2020-r1:*:*:*:*:*:*",
"matchCriteriaId": "FDCC210B-4083-494C-A233-FE2CA672004B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:samsung:android:10.0:smr-mar-2020-r1:*:*:*:*:*:*",
"matchCriteriaId": "9FA38AA3-A747-424E-B07E-F7931FA353F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:samsung:android:10.0:smr-may-2020-r1:*:*:*:*:*:*",
"matchCriteriaId": "9B48628C-6780-46B4-B717-8589658B0DCE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:samsung:android:10.0:smr-nov-2019-r1:*:*:*:*:*:*",
"matchCriteriaId": "CFCFFC02-EFEF-4A4C-A9A3-8BF355E36601",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:samsung:android:10.0:smr-nov-2020-r1:*:*:*:*:*:*",
"matchCriteriaId": "CB4658B8-9120-48E1-8A92-3430CBC6DC9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:samsung:android:10.0:smr-oct-2020-r1:*:*:*:*:*:*",
"matchCriteriaId": "7685DB5C-C3C2-44E2-AB00-CEE65C68460B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:samsung:android:10.0:smr-sep-2020-r1:*:*:*:*:*:*",
"matchCriteriaId": "47335942-37FB-4A1D-837A-5D0B2883ED10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-dec-2020-r1:*:*:*:*:*:*",
"matchCriteriaId": "C26195A5-31BE-4116-8F31-9F25BE57AB52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-feb-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "25B42CE0-67DE-4611-8D70-DEEC975E32BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-jan-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "AC082E25-1B7D-473D-A066-1463E6321CD5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper access control in clipboard service in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows untrusted applications to read or write certain local files."
},
{
"lang": "es",
"value": "Un control de acceso inapropiado en el servicio clipboard en los dispositivos m\u00f3viles Samsung anteriores a SMR Mar-2021 Release 1, permite que las aplicaciones no confiables lean o escriban ciertos archivos locales"
}
],
"id": "CVE-2021-25337",
"lastModified": "2025-02-14T16:41:48.767",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 2.5,
"source": "mobile.security@samsung.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-03-04T21:15:13.667",
"references": [
{
"source": "mobile.security@samsung.com",
"tags": [
"Vendor Advisory"
],
"url": "https://security.samsungmobile.com"
},
{
"source": "mobile.security@samsung.com",
"tags": [
"Vendor Advisory"
],
"url": "https://security.samsungmobile.com/securityUpdate.smsb"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://security.samsungmobile.com"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://security.samsungmobile.com/securityUpdate.smsb"
}
],
"sourceIdentifier": "mobile.security@samsung.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "mobile.security@samsung.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…