CVE-2025-21061

EPSS 0.01%
Veröffentlicht 10.10.2025 06:33:19
Zuletzt bearbeitet 28.10.2025 15:40:58
Quelle mobile.security@samsung.com
CVE-Watchlists
Login
Unerledigt
Login

Cleartext storage of sensitive information in Smart Switch prior to version 3.7.67.2 allows local attackers to access sensitive data. User interaction is required for triggering this vulnerability.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Samsung ≫ Smart Switch Version < 3.7.67.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.01%	0.003

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
mobile.security@samsung.com	7.1	1.8	5.2	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H

CWE-312 Cleartext Storage of Sensitive Information

The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.

https://security.samsungmobile.com/serviceWeb.smsb?year=2025&month=10

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2025-21061

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-21061

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-21061

EUVD