Severity by source
AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
5DescriptionCVE.org
Integer overflow vulnerability in Samsung Open Source Escargot allows Overflow Buffers.This issue affects Escargot: 97e8115ab1110bc502b4b5e4a0c689a71520d335.
AnalysisAI
Integer overflow in Samsung Escargot JavaScript engine allows remote attackers to trigger buffer overflows without authentication via network-delivered crafted JavaScript code. Affects commit 97e8115ab and prior versions. No public exploit identified at time of analysis, though upstream fix available (PR/commit); released patched version not independently confirmed. With CVSS 8.1 (High) and network attack vector requiring high complexity, this represents significant risk for devices and applications embedding the Escargot engine, particularly Samsung smart TV and appliance platforms.
Technical ContextAI
Samsung Escargot is a lightweight JavaScript engine designed for memory-constrained environments such as IoT devices, smart TVs, and embedded appliances. This vulnerability stems from CWE-190 (Integer Overflow or Wraparound), where arithmetic operations on integer values can wrap around to produce unexpectedly small results. When these values control buffer sizes or memory allocation, the overflow enables writing beyond allocated boundaries-creating a classic buffer overflow condition. The affected component is identified by CPE as samsung_open_source:escargot, with the specific vulnerable commit hash 97e8115ab1110bc502b4b5e4a0c689a71520d335. Integer overflows in JavaScript engines are particularly dangerous because JavaScript's dynamic typing and automatic conversions can obscure malicious arithmetic until runtime, when memory corruption occurs during object allocation, array indexing, or string operations.
RemediationAI
Upstream fix available via GitHub Pull Request #1554 at https://github.com/Samsung/escargot/pull/1554; released patched version not independently confirmed. For developers integrating Escargot: immediately update to a commit incorporating PR #1554 or later, rebuild JavaScript engine binaries, and redeploy to affected products. For Samsung device owners: monitor vendor security bulletins for firmware updates addressing CVE-2026-25208 and apply updates immediately when available. As a temporary mitigation, restrict network access to JavaScript execution contexts where feasible, though this may significantly impact device functionality. Enterprises deploying Samsung smart appliances or TVs should inventory affected devices, prioritize those with external network exposure, and establish expedited patch deployment procedures once vendor firmware becomes available.
Arbitrary file write as SYSTEM in Samsung MagicINFO 9 Server before version 21.1050 allows remote attackers to place att
Samsung MagicINFO 9 Server contains a path traversal vulnerability allowing unauthenticated attackers to write arbitrary
Multiple stack-based buffer overflows in the BackupToAvi method in the (1) UMS_Ctrl 1.5.1.1 and (2) UMS_Ctrl_STW 2.0.1.0
Web Viewer 1.0.0.193 on Samsung SRN-1670D devices suffers from an Unrestricted file upload vulnerability: 'network_ssl_u
Web Viewer 1.0.0.193 on Samsung SRN-1670D devices allows remote attackers to read arbitrary files via a request to an un
Samsung Internet Browser 5.4.02.3 allows remote attackers to bypass the Same Origin Policy and obtain sensitive informat
Buffer overflow in the PrepareSync method in the SyncService.dll ActiveX control in Samsung Kies before 2.5.1.12123_2_7
The Samsung D6000 TV and possibly other products allow remote attackers to cause a denial of service (continuous restart
The Samsung D6000 TV and possibly other products allows remote attackers to cause a denial of service (crash) via a long
The ConnectDDNS method in the (1) STWConfigNVR 1.1.13.15 and (2) STWConfig 1.1.14.13 ActiveX controls in Samsung NET-i v
Multiple directory traversal vulnerabilities in Samsung SyncThru 6 before 1.0 allow remote attackers to delete arbitrary
Stack-based buffer overflow in the RequestScreenOptimization function in the XProcessControl.ocx ActiveX control in msls
Same weakness CWE-190 – Integer Overflow or Wraparound
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-21824
GHSA-w5xm-3w7h-mqrh