Rajesh

**Name of the Vulnerable Software and Affected Versions** ThemeManager versions prior to SMR Mar-2026 Release 1 **Description** Improper privilege management in ThemeManager prior to SMR Mar-2026 Release 1 allows local privileged attackers to reuse trial contents. This issue involves a flaw in how privileges are handled, potentially enabling malicious actors with local access to exploit the system. **Recommendations** Update ThemeManager to SMR Mar-2026 Release 1 or a later version.

**Name of the Vulnerable Software and Affected Versions** Galaxy Store versions prior to 4.5.87.6 **Description** The issue allows physical attackers to install arbitrary applications, bypassing the restrictions of Setupwizard through an alternate path in Galaxy Store. This enables attackers to circumvent intended security measures. **Recommendations** For Galaxy Store versions prior to 4.5.87.6, update to version 4.5.87.6 or later to resolve the issue. As a temporary workaround, consider restricting access to the Galaxy Store until the update is applied.

**Name of the Vulnerable Software and Affected Versions** Knoxguard versions prior to SMR Jul-2022 Release 1 **Description** The issue is related to an improper authorization vulnerability. It allows a local attacker to disable the keyguard and bypass the Knoxguard lock by performing a factory reset. **Recommendations** For versions prior to SMR Jul-2022 Release 1, update to SMR Jul-2022 Release 1 or later to resolve the issue. As a temporary workaround, consider restricting access to the factory reset feature to minimize the risk of exploitation.