PT-2025-15351 · Samsung · Galaxy Store

Dawuge · Published 2025-04-08 · Updated 2025-07-17 · CVE-2025-20951

CVSS v3.1: 5.5 (Medium)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Name of the Vulnerable Software and Affected Versions: Galaxy Store versions prior to 4.5.90.7
Description: The issue is related to improper verification of intent by a broadcast receiver in Galaxy Store, allowing local attackers to write arbitrary files with the privilege of Galaxy Store. This could potentially lead to unauthorized access or modification of sensitive data.
Recommendations: For Galaxy Store versions prior to 4.5.90.7, update to version 4.5.90.7 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive files and directories to minimize the risk of exploitation.

Related Identifiers

CVE-2025-20951

Affected Products

Galaxy Store