PT-2021-16544 · Samsung · Samsung Account
Published: 2021-03-25 · Updated: 2022-09-23 · CVE-2021-25351
CVSS v3.1: 3.2 (Low)
Vector: AV:P/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
Name of the Vulnerable Software and Affected Versions:
Samsung Account versions prior to 10.7.0.7
Samsung Account versions prior to 12.1.1.3
Description:
Improper access control in the EmailValidationView of Samsung Account allows physically proximate attackers to log out a user's account on a device without requiring the user's password.
Recommendations:
For versions prior to 10.7.0.7, update to version 10.7.0.7 or later.
For versions prior to 12.1.1.3, update to version 12.1.1.3 or later.
Fix
Improper Authorization
Affected Products
Samsung Account