PT-2025-20051 · Samsung · Samsung Gallery
Sithi
·
Published
2024-05-24
·
Updated
2025-05-07
·
CVE-2025-20966
CVSS v2.0
4.9
Medium
| Vector | AV:L/AC:L/Au:N/C:C/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Samsung Gallery versions prior to 14.5.10.3 in Global Android 13
Samsung Gallery version 14.5.09.3 in China Android 13
Samsung Gallery version 15.5.04.5 in Android 14
Description
The issue is related to improper access control in Samsung Gallery, allowing physical attackers to access data across multiple user profiles.
Recommendations
For Samsung Gallery version 14.5.09.3 in China Android 13, update to a version later than 14.5.09.3.
For Samsung Gallery version 15.5.04.5 in Android 14, update to a version later than 15.5.04.5.
For Samsung Gallery versions prior to 14.5.10.3 in Global Android 13, update to version 14.5.10.3 or later.
Fix
Improper Access Control
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Samsung Gallery