← Voltar para CVEs
CVE-2025-21078
HIGH8.8
Descricao
Use of insufficiently random value of secretKey in Smart Switch prior to version 3.7.68.6 allows adjacent attackers to access backup data from applications.
Detalhes CVE
Pontuacao CVSS v3.18.8
SeveridadeHIGH
Vetor CVSSCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vetor de ataqueADJACENT_NETWORK
ComplexidadeLOW
Privilegios necessariosNONE
Interacao do usuarioNONE
Publicado11/5/2025
Ultima modificacao11/7/2025
Fontenvd
Avistamentos honeypot0
Produtos afetados
samsung:smart_switch
Referencias
https://security.samsungmobile.com/serviceWeb.smsb?year=2025&month=11(mobile.security@samsung.com)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.