Unsanitized Intent Vulnerability in Samsung Contacts Allows Unauthorized Data Access

Unsanitized Intent Vulnerability in Samsung Contacts Allows Unauthorized Data Access

CVE-2021-25413 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Improper sanitization of incoming intent in Samsung Contacts prior to SMR JUN-2021 Release 1 allows local attackers to get permissions to access arbitrary data with Samsung Contacts privilege.

Learn more about our Contact.