011100101001

**Name of the Vulnerable Software and Affected Versions** SecSettings versions prior to SMR Oct-2025 Release 1 **Description** An improper access control issue exists in SecSettings. This allows local attackers to access sensitive information. User interaction is required to trigger this issue. **Recommendations** Update SecSettings to SMR Oct-2025 Release 1 or later.

**Name of the Vulnerable Software and Affected Versions** Samsung Health versions prior to 6.30.1.003 **Description** Improper authorization in Samsung Health allows local attackers to access data within the application. User interaction is required to trigger this issue. **Recommendations** Update Samsung Health to version 6.30.1.003 or later.

**Name of the Vulnerable Software and Affected Versions** UnifiedWFC versions prior to SMR May-2025 Release 1 **Description** The issue is related to improper verification of intent by a broadcast receiver, allowing local attackers to manipulate VoWiFi related behaviors. This could potentially be exploited by attackers to alter the expected functionality of VoWiFi. **Recommendations** For UnifiedWFC versions prior to SMR May-2025 Release 1, update to SMR May-2025 Release 1 or later to resolve the issue. As a temporary workaround, consider restricting access to the broadcast receiver to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Bixby Vision versions prior to 3.8.1 in Android 13 Bixby Vision versions prior to 3.8.3 in Android 14 Bixby Vision versions prior to 3.8.21 in Android 15 **Description** The issue is related to improper access control in Bixby Vision, allowing local attackers to access image files with Bixby Vision privilege. **Recommendations** For versions prior to 3.8.1 in Android 13, update to version 3.8.1 or later. For versions prior to 3.8.3 in Android 14, update to version 3.8.3 or later. For versions prior to 3.8.21 in Android 15, update to version 3.8.21 or later.

**Name of the Vulnerable Software and Affected Versions** Samsung Flow versions prior to 4.9.17.6 **Description** The issue is related to improper input validation, allowing local attackers to access data within Samsung Flow. **Recommendations** For versions prior to 4.9.17.6, update to version 4.9.17.6 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Android versions prior to SMR May-2025 Release 1 **Description** The issue concerns the use of implicit intent for sensitive communication in the Wi-Fi P2P service, allowing local attackers to access sensitive information. **Recommendations** For versions prior to SMR May-2025 Release 1, update to SMR May-2025 Release 1 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** EnrichedCall versions prior to SMR May-2025 Release 1 **Description** The issue concerns the use of implicit intent for sensitive communication in EnrichedCall, allowing local attackers to access sensitive information. User interaction is required to trigger this issue. **Recommendations** For versions prior to SMR May-2025 Release 1, consider restricting access to sensitive information within the EnrichedCall feature until a patch is available. As a temporary workaround, consider disabling the use of implicit intent for sensitive communication in EnrichedCall to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: SamsungNotes versions prior to 4.4.26.45 Description: The issue allows local attackers to access sensitive information due to the use of implicit intent for sensitive communication. Recommendations: For versions prior to 4.4.26.45, update to version 4.4.26.45 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Settings versions prior to SMR Mar-2025 Release 1 **Description** The issue concerns the use of implicit intent for sensitive communication in Settings, which allows local attackers to access sensitive information. **Recommendations** For versions prior to SMR Mar-2025 Release 1, update to SMR Mar-2025 Release 1 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Samsung Notes versions prior to 4.4.26.71 **Description** The issue is related to an out-of-bounds read when applying binary of video content. This allows attackers to read out-of-bounds memory. **Recommendations** For versions prior to 4.4.26.71, update to version 4.4.26.71 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Samsung Notes versions prior to 4.4.26.71 **Description** The issue is related to an out-of-bounds read in applying binary of text content. This allows attackers to read out-of-bounds memory. **Recommendations** For versions prior to 4.4.26.71, update to version 4.4.26.71 or later to resolve the issue.