CVE-2025-26781 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	7.5 HIGH	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
mitre	CNA	---				---
CISA-ADP	ADP	7.5 HIGH	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: 30%

Vendor	Product	Version
samsung	exynos_w920_firmware	-
samsung	exynos_1080_firmware	-
samsung	exynos_980_firmware	-
samsung	exynos_990_firmware	-
samsung	exynos_850_firmware	-
samsung	exynos_2200_firmware	-
samsung	exynos_1330_firmware	-
samsung	exynos_1380_firmware	-
samsung	exynos_1480_firmware	-
samsung	exynos_9110_firmware	-
samsung	modem_5400_firmware	-
samsung	modem_5123_firmware	-
samsung	exynos_w930_firmware	-

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-20 - Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Vulnerability Media Exposure

[GERMAN] Google Android Pixel: Mehrere Schwachstellen
Ein Angreifer kann mehrere Schwachstellen in Google Android Pixel ausnutzen, um beliebigen Programmcode auszuführen, um seine Privilegien zu erhöhen, um Informationen offenzulegen, und um einen Denial of Service Angriff durchzuführen.
Published: 2025-12-02T23:00:00+00:00

References

https://semiconductor.samsung.com/support/quality-support/product-security-updates/

https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-26781/