Elias Schröder

**Name of the Vulnerable Software and Affected Versions** Samsung Voice Recorder versions prior to 21.5.73.12 in Android 15 and prior to 21.5.81.40 in Android 16 **Description** An improper access control issue exists in Samsung Voice Recorder. A physical attacker can access recording files on the lock screen. **Recommendations** Update Samsung Voice Recorder to version 21.5.73.12 or later on Android 15. Update Samsung Voice Recorder to version 21.5.81.40 or later on Android 16.

**Name of the Vulnerable Software and Affected Versions** Samsung DeX versions prior to SMR Oct-2025 Release 1 **Description** An improper access control issue exists in the WindowManager component of Samsung DeX. This allows a physically present attacker to temporarily access a list of recently used applications. **Recommendations** Update Samsung DeX to SMR Oct-2025 Release 1 or later.

**Name of the Vulnerable Software and Affected Versions** Samsung Voice Recorder versions prior to 21.5.40.37 **Description** The issue is related to improper access control in Samsung Voice Recorder, allowing physical attackers to access recording files on the lock screen. **Recommendations** For Samsung Voice Recorder versions prior to 21.5.40.37, update to version 21.5.40.37 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Samsung Video Player versions prior to 7.3.29.1 on Android 12 Samsung Video Player versions prior to 7.3.36.1 on Android 13 Samsung Video Player versions prior to 7.3.41.230 on Android 14 **Description** The issue is related to improper access control in the Samsung Video Player, allowing physical attackers to access video files of other users. This could lead to unauthorized access to sensitive information. **Recommendations** For Samsung Video Player on Android 12, update to version 7.3.29.1 or later. For Samsung Video Player on Android 13, update to version 7.3.36.1 or later. For Samsung Video Player on Android 14, update to version 7.3.41.230 or later.

**Name of the Vulnerable Software and Affected Versions** One UI Home versions prior to SMR Sep-2024 Release 1 **Description** The issue is related to improper authorization, allowing physical attackers to temporarily access sensitive information. This can be exploited by physical attackers. **Recommendations** For One UI Home versions prior to SMR Sep-2024 Release 1, update to the SMR Sep-2024 Release 1 or later to resolve the issue. As a temporary workaround, consider restricting physical access to devices running the affected software to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Samsung Voice Recorder versions prior to 21.5.16.01 in Android 12 and Android 13 Samsung Voice Recorder versions prior to 21.4.51.02 in Android 14 **Description** The issue is related to improper access control in the Samsung Voice Recorder, allowing physical attackers with a hardware keyboard to use the Voice Recorder on the lock screen. **Recommendations** For Samsung Voice Recorder versions prior to 21.5.16.01 in Android 12 and Android 13, update to version 21.5.16.01 or later. For Samsung Voice Recorder versions prior to 21.4.51.02 in Android 14, update to version 21.4.51.02 or later.

**Name of the Vulnerable Software and Affected Versions** Samsung Internet versions prior to 24.0 **Description** The issue is related to an improper authorization verification vulnerability. This vulnerability allows physical attackers to access files downloaded in SecretMode without proper authentication. **Recommendations** For versions prior to 24.0, update to version 24.0 or later to resolve the issue. As a temporary workaround, consider restricting access to files downloaded in SecretMode until the update is applied.

**Name of the Vulnerable Software and Affected Versions** GameHomeCN versions prior to 4.2.60.2 **Description** The issue is related to improper access control, allowing local attackers to launch arbitrary activity in GameHomeCN. This can be exploited by local attackers. **Recommendations** For versions prior to 4.2.60.2, update to version 4.2.60.2 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive activities within GameHomeCN to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Samsung Voice Recorder versions prior to 21.4.15.01 in Android 12 and Android 13 Samsung Voice Recorder versions prior to 21.4.50.17 in Android 14 **Description** The issue is related to improper access control in the Samsung Voice Recorder, allowing physical attackers to access Voice Recorder information on the lock screen. **Recommendations** For Samsung Voice Recorder versions prior to 21.4.15.01 in Android 12 and Android 13, update to version 21.4.15.01 or later. For Samsung Voice Recorder versions prior to 21.4.50.17 in Android 14, update to version 21.4.50.17 or later.