CVE-2026-20999

| EUVD-2026-12315 HIGH
2026-03-16 SamsungMobile
7.1
CVSS 4.0
Share

CVSS Vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
P
Scope
X

Lifecycle Timeline

3
Analysis Generated
Mar 16, 2026 - 05:00 vuln.today
EUVD ID Assigned
Mar 16, 2026 - 05:00 euvd
EUVD-2026-12315
CVE Published
Mar 16, 2026 - 04:32 nvd
HIGH 7.1

Tags

Authentication Bypass

Description

Authentication bypass by replay in Smart Switch prior to version 3.7.69.15 allows remote attackers to trigger privileged functions.

Analysis

Smart Switch versions prior to 3.7.69.15 contain a replay attack vulnerability in the authentication mechanism that allows remote attackers to bypass security controls and execute privileged functions without valid credentials. The vulnerability requires user interaction to trigger but poses a significant risk as no patch is currently available. …

Sign in for full analysis, threat intelligence, and remediation guidance.

Remediation

Within 24 hours: Inventory all Samsung Smart Switch installations and identify systems running versions prior to 3.7.69.15. Within 7 days: Disable Samsung Smart Switch on non-essential systems and restrict its use to trusted networks only; communicate vulnerability details to all users. …

Sign in for detailed remediation steps.

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Sign in - Free

Priority Score

36
Low Medium High Critical
KEV: 0
EPSS: +0.3
CVSS: +36
POC: 0

Share

CVE-2026-20999 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy