Tagged: Cybersecurity Alert

Incorrect default permissions in Samsung Cloud Assistant prior to version 8.0.03.8 allows local attacker to access partial data in sandbox. More information : https://security.samsungmobile.com/serviceWeb.smsb?year=2025&month=12

Improper input validation in Samsung Internet prior to version 29.0.0.48 allows local attackers to inject arbitrary script. More information : https://security.samsungmobile.com/serviceWeb.smsb?year=2025&month=12

Improper input validation in Samsung Account prior to version 15.5.01.1 allows local attacker to execute arbitrary script. More information : https://security.samsungmobile.com/serviceWeb.smsb?year=2025&month=12

Improper authorization in Samsung Account prior to version 15.5.01.1 allows local attacker to launch arbitrary activity with Samsung Account privilege. More information : https://security.samsungmobile.com/serviceWeb.smsb?year=2025&month=12

Improper verification of source of a communication channel in SmartTouchCall prior to version 1.0.1.1 allows remote attackers to access sensitive information. User interaction is required for triggering this vulnerability. More information : https://security.samsungmobile.com/serviceWeb.smsb?year=2025&month=12

Improper input validation in libsec-ril.so prior to SMR Dec-2025 Release 1 allows local privileged attackers to write out-of-bounds memory. More information : https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=12

Out-of-bounds read vulnerability in bootloader prior to SMR Dec-2025 Release 1 allows physical attackers to access out-of-bounds memory. More information : https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=12

Out-of-bounds write in parsing IFD tag in libimagecodec.quram.so prior to SMR Dec-2025 Release 1 allows remote attackers to access out-of-bounds memory. More information : https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=12

Out-of-bounds write in libimagecodec.quram.so prior to SMR Dec-2025 Release 1 allows remote attackers to access out-of-bounds memory. More information : https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=12

Out-of-bounds read in libimagecodec.quram.so prior to SMR Dec-2025 Release 1 allows remote attackers to access out-of-bounds memory. More information : https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=12

Heap-based buffer overflow in libimagecodec.quram.so prior to SMR Dec-2025 Release 1 allows remote attackers to access out-of-bounds memory. More information : https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=12

Improper access control in MPRemoteService of MotionPhoto prior to version 4.1.51 allows local attackers to start privileged service. More information : https://security.samsungmobile.com/serviceWeb.smsb?year=2025&month=12

Out-of-bounds write in decoding metadata in fingerprint trustlet prior to SMR Dec-2025 Release 1 allows local privileged attackers to write out-of-bounds memory. More information : https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=12

Improper export of android application components in Dynamic Lockscreen prior to SMR Dec-2025 Release 1 allows local attackers to access files with Dynamic Lockscreen’s privilege. More information : https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=12