Improper access control in Samsung Message prior to SMR Jul-2024 Release 1 allows local attackers to access location data.
Improper access control in SamsungNotesService prior to SMR Aug-2024 Release 1 allows local attackers to bypass restrictions on starting services from the background.
Improper access control in SecSettings prior to SMR Oct-2025 Release 1 allows local attackers to access sensitive information. User interaction is required for triggering this vulnerability.
Improper access control in key input related function in Dressroom prior to SMR Sep-2024 Release 1 allows local attackers to access protected data. User interaction is required for triggering this vul
Improper authorization in One UI Home prior to SMR Sep-2024 Release 1 allows physical attackers to temporarily access sensitive information.
Improper access control in Samsung Gallery prior to version 14.5.10.3 in Global Android 13, 14.5.09.3 in China Android 13, and 15.5.04.5 in Android 14 allows remote attackers to access data and perfor
Improper access control in Contacts prior to SMR Nov-2024 Release 1 allows physical attackers to access data across multiple user profiles.
Improper access control in item selection related in Dressroom prior to SMR Sep-2024 Release 1 allows local attackers to access protected data. User interaction is required for triggering this vulnera
Improper Verification of Intent by Broadcast Receiver in DeviceIdService prior to SMR Apr-2025 Release 1 allows local attackers to reset OAID.
Improper handling of insufficient permission in Telephony prior to SMR Aug-2024 Release 1 allows local attackers to configure default Message application.
Improper input validation in ThemeCenter prior to SMR Sep-2024 Release 1 allows physical attackers to install privileged applications.
Improper authentication in Private Info in Samsung Pass in prior to version 4.4.04.7 allows physical attackers to access sensitive information in a specific scenario.
Out-of-bounds write in parsing h.263+ format in librtppayload.so prior to SMR Oct-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required f
Improper access control in System property prior to SMR Aug-2024 Release 1 allows local attackers to access cell related information.
Improper privilege management in Samsung System Support Service prior to version 8.0.8.0 allows local attackers to trigger privileged functions.
Improper access control in ExtControlDeviceService prior to SMR Aug-2024 Release 1 allows local attackers to access protected data.
Improper handling of insufficient permission or privileges in ClipboardService prior to SMR Apr-2025 Release 1 allows local attackers to access image files across multiple users. User interaction is r
Improper verification of intent by broadcast receiver in Samsung Flow prior to version 4.9.17.6 allows local attackers to modify Samsung Flow configuration.
Improper access control in SmartThingsService prior to SMR Aug-2024 Release 1 allows local attackers to bypass restrictions on starting services from the background.
Improper access control in One UI Home prior to SMR Sep-2025 Release 1 allows physical attackers to bypass Kiosk mode under limited conditions.