← back
CVE-2025-21079

CVE-2025-21079

CVSS 7.1 HIGHEPSS 0.4%
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 7.1EPSS 0.4%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
05 Nov 2025Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Improper input validation in Samsung Members prior to version 5.5.01.3 allows remote attackers to connect arbitrary URL and launch arbitrary activity with Samsung Members privilege. User interaction is required for triggering this vulnerability.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H
Affected products
Samsung Mobile · Samsung Members

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://security.samsungmobile.com/serviceWeb.smsb?year=2025&month=11