CVE-2021-25428 - AskarLabs CVE Database

CVE-2021-25428

Vendor Samsung Mobile

Product Samsung Mobile Devices

Weakness CWE-269

Published July 8, 2021

Last update August 3, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

Improper validation check vulnerability in PackageManager prior to SMR July-2021 Release 1 allows untrusted applications to get dangerous level permission without user confirmation in limited circumstances.

Key dates

02Disclosure timeline

July 8, 2021 CVE published

August 3, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2021-25428

Related vulnerabilities

04Related CVE

CVE-2023-2833 ReviewX <= 1.6.13 - Arbitrary Usermeta Update to Authenticated (Subscriber+) Privilege Escalation CVE-2024-30473 CVE-2020-8269 CVE-2025-8218 Real Spaces - WordPress Properties Directory Theme <= 3.5 - Authenticated (Subscriber+) Privilege Escalation to Administrator via 'change_role_member' CVE-2021-36784 Privilege escalation for users with create/update permissions in Global Roles