← back
CVE-2021-25333

CVE-2021-25333

CVSS 3.2 LOWEPSS 0.3%CWE-200
Vexday Risk Score
8Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 3.2EPSS 0.3%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
04 Mar 2021Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Improper access control in Samsung Pay mini application prior to v4.0.14 allows unauthorized access to balance information over the lockscreen via scanning specific QR code.
CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
Affected products
Samsung Mobile · Samsung Pay Mini

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://security.samsungmobile.comhttps://security.samsungmobile.com/serviceWeb.smsb