CVE-2021-25359 MEDIUM

CVE-2021-25359

Vendor Samsung Mobile

Product Samsung Mobile Devices

Weakness CWE-284

Published April 9, 2021

Last update August 3, 2024

View on NVD All CVEs

CVSS base score

4.0/10

Attack vector Local

Attack complexity Low

Privileges required None

User interaction None

Confidentiality Low

Integrity None

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

What the vulnerability does

01Description

An improper SELinux policy prior to SMR APR-2021 Release 1 allows local attackers to access AP information without proper permissions via untrusted applications.

Key dates

02Disclosure timeline

April 9, 2021 CVE published

August 3, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2021-25359

Related vulnerabilities

Identifiers

CVE CVE-2021-25359

CWE CWE-284

CVSS 4.0 / MEDIUM

Affected versions