What the vulnerability does
01Description
Improper Access Control in EmailValidationView in Samsung Account prior to version 10.7.0.7 and 12.1.1.3 allows physically proximate attackers to log out user account on device without user password.
CVSS base score
3.2/10
CVSS vector
CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
Key dates
02Disclosure timeline
March 25, 2021
CVE published
August 3, 2024
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2025-10822 fuyang_lipengjun platform queryAll SysSmsLogController improper authorization
CVE-2025-11256 Kognetiks Chatbot <= 2.3.5 - Missing Authorization to Unauthenticated Limited File Uploads and Conversation Erasing
CVE-2020-8919 Information leakage in Gerrit
CVE-2025-64523 FileBrowser has Insecure Direct Object Reference (IDOR) in Share Deletion Function
CVE-2019-7489
