CVE-2026-21007

| EUVD-2026-21858 MEDIUM
2026-04-13 SamsungMobile GHSA-mfwr-v65c-m55q
4.4
CVSS 4.0
Share

CVSS Vector

CVSS:4.0/AV:P/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Physical
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

2
Analysis Generated
Apr 13, 2026 - 06:28 vuln.today
CVSS Changed
Apr 13, 2026 - 06:22 NVD
4.4 (MEDIUM)

Tags

Authentication Bypass Samsung Mobile Devices

Description

Improper check for exceptional conditions in Device Care prior to SMR Apr-2026 Release 1 allows physical attackers to bypass Knox Guard.

Analysis

Device Care in Samsung Mobile devices prior to the April 2026 SMR Release 1 contains an improper exception handling vulnerability that permits physical attackers to bypass Knox Guard authentication enforcement. With a CVSS score of 4.4 and attack vector requiring physical access, this vulnerability poses a localized but serious integrity and confidentiality risk to device security architecture, particularly for devices left unattended or in corporate environments where physical access controls may be compromised.

Sign in for full analysis, threat intelligence, and remediation guidance.

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Sign in - Free

Priority Score

22
Low Medium High Critical
KEV: 0
EPSS: +0.0
CVSS: +22
POC: 0

Share

CVE-2026-21007 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy