Skip to main content

Samsung CVE-2026-25203

| EUVDEUVD-2026-21252 HIGH
Incorrect Default Permissions (CWE-276)
2026-04-10 samsung.tv_appliance
7.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.8 HIGH
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

3
EUVD ID Assigned
Apr 10, 2026 - 01:45 euvd
EUVD-2026-21252
Analysis Generated
Apr 10, 2026 - 01:45 vuln.today
CVE Published
Apr 10, 2026 - 01:24 nvd
HIGH 7.8

DescriptionCVE.org

Samsung MagicINFO 9 Server Incorrect Default Permissions Local Privilege Escalation Vulnerability

This issue affects MagicINFO 9 Server: less than 21.1091.1.

AnalysisAI

Local privilege escalation in Samsung MagicINFO 9 Server versions prior to 21.1091.1 enables authenticated low-privileged users to escalate to high privileges through incorrect default file/directory permissions. Attackers with local access can obtain complete system control, compromising confidentiality, integrity, and availability. Attack requires local access and low-level authentication but no user interaction. No public exploit identified at time of analysis.

Technical ContextAI

Root cause stems from CWE-276 (Incorrect Default Permissions) where critical MagicINFO server files or directories are configured with overly permissive access controls, allowing authenticated users to modify sensitive resources. CVSS vector AV:L/PR:L indicates exploitation requires local system access with existing low-privilege credentials. The S:U scope parameter confirms privilege escalation remains contained within the vulnerable component.

RemediationAI

Vendor-released patch: upgrade to Samsung MagicINFO 9 Server version 21.1091.1 or later, which remediates the incorrect default permissions. Consult official advisory at https://security.samsungtv.com/securityUpdates for installation instructions and release notes. Until patching is feasible, implement compensating controls including restricting local user account creation, enforcing principle of least privilege through system-level access controls, and monitoring file system permissions on MagicINFO installation directories for unauthorized modifications. Audit existing user permissions to ensure no low-privilege accounts have unnecessary access to server directories. Disable or restrict local interactive logon for non-administrative accounts where operationally viable.

CVE-2024-7399 HIGH POC
8.8 Aug 12

Arbitrary file write as SYSTEM in Samsung MagicINFO 9 Server before version 21.1050 allows remote attackers to place att

CVE-2025-4632 CRITICAL POC
9.8 May 13

Samsung MagicINFO 9 Server contains a path traversal vulnerability allowing unauthenticated attackers to write arbitrary

CVE-2012-4333 CRITICAL POC
10.0 Aug 14

Multiple stack-based buffer overflows in the BackupToAvi method in the (1) UMS_Ctrl 1.5.1.1 and (2) UMS_Ctrl_STW 2.0.1.0

CVE-2017-16524 HIGH POC
8.8 Nov 06

Web Viewer 1.0.0.193 on Samsung SRN-1670D devices suffers from an Unrestricted file upload vulnerability: 'network_ssl_u

CVE-2015-8279 HIGH POC
8.6 Jan 15

Web Viewer 1.0.0.193 on Samsung SRN-1670D devices allows remote attackers to read arbitrary files via a request to an un

CVE-2017-17692 HIGH POC
7.5 Dec 21

Samsung Internet Browser 5.4.02.3 allows remote attackers to bypass the Same Origin Policy and obtain sensitive informat

CVE-2012-6429 CRITICAL POC
10.0 Apr 04

Buffer overflow in the PrepareSync method in the SyncService.dll ActiveX control in Samsung Kies before 2.5.1.12123_2_7

CVE-2012-4329 HIGH POC
7.8 Aug 14

The Samsung D6000 TV and possibly other products allow remote attackers to cause a denial of service (continuous restart

CVE-2012-4330 HIGH POC
7.8 Aug 14

The Samsung D6000 TV and possibly other products allows remote attackers to cause a denial of service (crash) via a long

CVE-2012-4334 CRITICAL POC
10.0 Aug 14

The ConnectDDNS method in the (1) STWConfigNVR 1.1.13.15 and (2) STWConfig 1.1.14.13 ActiveX controls in Samsung NET-i v

CVE-2015-5473 CRITICAL
9.8 Jun 01

Multiple directory traversal vulnerabilities in Samsung SyncThru 6 before 1.0 allow remote attackers to delete arbitrary

CVE-2012-4250 CRITICAL POC
9.3 Aug 13

Stack-based buffer overflow in the RequestScreenOptimization function in the XProcessControl.ocx ActiveX control in msls

Share

CVE-2026-25203 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy