CVE-2026-20975 LOW

CVE-2026-20975

Published January 9, 2026
Last update January 9, 2026

CVSS base score

2.1/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N

What the vulnerability does

01Description

Improper handling of insufficient permission in Samsung Cloud prior to version 5.6.11 allows local attackers to access specific files in arbitrary path.

Key dates

02Disclosure timeline

January 9, 2026 CVE published
January 9, 2026 Record updated