← back
CVE-2021-25351

CVE-2021-25351

CVSS 3.2 LOWEPSS 0.3%CWE-285
Vexday Risk Score
8Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 3.2EPSS 0.3%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
25 Mar 2021Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Improper Access Control in EmailValidationView in Samsung Account prior to version 10.7.0.7 and 12.1.1.3 allows physically proximate attackers to log out user account on device without user password.
CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
Affected products
Samsung Mobile · Samsung Account

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://security.samsungmobile.com/https://security.samsungmobile.com/serviceWeb.smsb