PT-2025-23756 · Samsung · Samsung Internet

Blunt

Published

2025-06-04

Updated

2025-12-20

CVE-2025-20995

CVSS v3.1

7.1

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions Samsung Internet versions prior to 28.0.0.59

Description The issue is related to the improper handling of insufficient permission in the ClientProvider component of Samsung Internet. This allows local attackers to read and write arbitrary files on non-Samsung devices.

Recommendations For versions prior to 28.0.0.59, update to version 28.0.0.59 or later to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2025-20995

Affected Products

Samsung Internet

PT-2025-23756 · Samsung · Samsung Internet

CVE-2025-20995

Related Identifiers

Affected Products

References · 8