← Volver a CVEs
CVE-2025-21079
HIGH7.1
Descripcion
Improper input validation in Samsung Members prior to version 5.5.01.3 allows remote attackers to connect arbitrary URL and launch arbitrary activity with Samsung Members privilege. User interaction is required for triggering this vulnerability.
Detalles CVE
Puntuacion CVSS v3.17.1
SeveridadHIGH
Vector CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H
Vector de ataqueNETWORK
ComplejidadLOW
Privilegios requeridosNONE
Interaccion usuarioREQUIRED
Publicado11/5/2025
Ultima modificacion11/7/2025
Fuentenvd
Avistamientos honeypot0
Productos afectados
samsung:members
Referencias
https://security.samsungmobile.com/serviceWeb.smsb?year=2025&month=11(mobile.security@samsung.com)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.