Vulnerability Database

308,379

Total vulnerabilities in the database

CVE-2025-21049

Improper access control in SecSettings prior to SMR Oct-2025 Release 1 allows local attackers to access sensitive information. User interaction is required for triggering this vulnerability.

Published: Oct 10, 2025
Updated: Nov 16, 2025
CVE: CVE-2025-21049
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.5
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
samsung / android	15.0	15.0.x
samsung / android	15.0-smr-apr-2025-r1	15.0-smr-apr-2025-r1.x
samsung / android	15.0-smr-aug-2025-r1	15.0-smr-aug-2025-r1.x
samsung / android	15.0-smr-jul-2025-r1	15.0-smr-jul-2025-r1.x
samsung / android	15.0-smr-jun-2025-r1	15.0-smr-jun-2025-r1.x
samsung / android	15.0-smr-mar-2025-r1	15.0-smr-mar-2025-r1.x
samsung / android	15.0-smr-may-2025-r1	15.0-smr-may-2025-r1.x
samsung / android	15.0-smr-sep-2025-r1	15.0-smr-sep-2025-r1.x
samsung / android	16.0	16.0.x
samsung / android	16.0-smr-aug-2025-r1	16.0-smr-aug-2025-r1.x
samsung / android	16.0-smr-sep-2025-r1	16.0-smr-sep-2025-r1.x

https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=10

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo