CVE Vulnerability
CVE-2021-25381
Using unsafe PendingIntent in Samsung Account in versions 10.8.0.4 in Android P(9.0) and below, and 12.1.1.3 in Android Q(10.0) and above allows local attackers to perform unauthorized action without permission via hijacking the PendingIntent.
References
| Link | Resource |
|---|---|
| https://security.samsungmobile.com/serviceWeb.smsb | Vendor Advisory |
| https://security.samsungmobile.com/ | Vendor Advisory |
Configurations
Configuration 1
|
|
Information
Published : 2021-04-09 06:15
Updated : 2021-04-19 12:16
NVD link : CVE-2021-25381
Mitre link : CVE-2021-25381
CWE
CWE-276
Incorrect Default Permissions