CVE-2021-25405

An improper access control vulnerability in ScreenOffActivity in Samsung Notes prior to version 4.2.04.27 allows untrusted applications to access local files.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Samsung MobileCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 15%
VendorProductVersion
samsungnotes
𝑥
< 4.2.04.27
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://security.samsungmobile.com/serviceWeb.smsb?year=2021&month=5
https://security.samsungmobile.com/serviceWeb.smsb?year=2021&month=5