Skip to main content

Samsung Wallpaper Service CVE-2026-21043

| EUVDEUVD-2026-42814 MEDIUM
2026-07-10 mobile.security@samsung.com GHSA-xw53-mwm6-gh7q
6.7
CVSS 4.0 · Vendor: samsung
Share

Severity by source

Vendor (samsung) PRIMARY
6.7 MEDIUM
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
4.4 MEDIUM

Local access and high privileges required per description; confidentiality-only impact with no scope change or integrity/availability effect.

3.1 AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
4.0 AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (samsung).

CVSS VectorVendor: samsung

CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Local
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
X

Lifecycle Timeline

1
Analysis Generated
Jul 10, 2026 - 06:10 vuln.today

DescriptionCVE.org

Path traversal in Wallpaper service prior to SMR Jul-2026 Release 1 allows local privileged attackers to access files with system server privilege.

AnalysisAI

Path traversal in Samsung Mobile's Wallpaper service exposes arbitrary files readable under the system server privilege to local privileged attackers. Affected devices run Android 14, 15, and 16 with firmware prior to the SMR Jul-2026 Release 1. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Establish local privileged access on device
Delivery
Invoke Wallpaper service API with crafted path
Exploit
Traverse beyond intended directory boundary
Execution
Read arbitrary file with system server privilege
Impact
Exfiltrate sensitive data

Vulnerability AssessmentAI

Exploitation Exploitation requires local, authenticated access to the device with high OS-level privileges (PR:H per CVSS 4.0 vector). … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The real-world risk is moderate and well-bounded by the attack prerequisites. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker who has already obtained a high-privilege local foothold on a Samsung device - for example, through a separate privilege-escalation exploit or a malicious privileged application - crafts a path traversal payload targeting the Wallpaper service API. By supplying a path such as '../../data/system/accounts.db' or similar, the attacker reads files owned by or accessible to the system server process, exfiltrating sensitive credentials or application state. …
Remediation Apply Samsung SMR Jul-2026 Release 1, which is the vendor-confirmed fix for Android 14, 15, and 16. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-21043 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy