Skip to main content

Internet EUVDEUVD-2025-16826

| CVE-2025-20995 MEDIUM
2025-06-04 mobile.security@samsung.com
4.9
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
4.9 MEDIUM
AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
Attack Vector
Local
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
Low
Availability
Low

Lifecycle Timeline

3
EUVD ID Assigned
Mar 14, 2026 - 17:29 euvd
EUVD-2025-16826
Analysis Generated
Mar 14, 2026 - 17:29 vuln.today
CVE Published
Jun 04, 2025 - 05:15 nvd
MEDIUM 4.9

DescriptionCVE.org

Improper handling of insufficient permission in ClientProvider in Samsung Internet installed on non-Samsung Device prior to version 28.0.0.59 allows local attackers to read and write arbitrary files.

AnalysisAI

A arbitrary file access vulnerability in ClientProvider in Samsung Internet installed on non-Samsung Device (CVSS 4.9) that allows local attackers. Remediation should follow standard vulnerability management procedures.

Technical ContextAI

Vulnerability type: arbitrary file access. Affects ClientProvider in Samsung Internet installed on non-Samsung Device.

RemediationAI

Monitor vendor channels for patch availability.

CVE-2024-20838 HIGH
7.8 Mar 05

Improper validation vulnerability in Samsung Internet prior to version 24.0.3.2 allows local attackers to execute arbitr

CVE-2021-25418 HIGH
7.8 Jun 11

Improper component protection vulnerability in Samsung Internet prior to version 14.0.1.62 allows untrusted applications

CVE-2021-25400 HIGH
7.8 Jun 11

Intent redirection vulnerability in Samsung Internet prior to version 14.0.1.20 allows attacker to execute privileged ac

CVE-2023-30674 MEDIUM
6.5 Jul 06

Improper configuration in Samsung Internet prior to version 21.0.0.41 allows attacker to bypass SameSite Cookie. Rated m

CVE-2021-25419 MEDIUM
6.5 Jun 11

Non-compliance of recommended secure coding scheme in Samsung Internet prior to version 14.0.1.62 allows attackers to di

CVE-2021-25520 MEDIUM
6.1 Dec 08

Insecure caller check and input validation vulnerabilities in SearchKeyword deeplink logic prior to Samsung Internet 16.

CVE-2021-25466 MEDIUM
5.9 Sep 09

Improper scheme check vulnerability in Samsung Internet prior to version 15.0.2.47 allows attackers to perform Man-in-th

CVE-2025-58485 MEDIUM
5.5 Dec 02

A security vulnerability in Samsung Internet (CVSS 5.5) that allows local attackers. Remediation should follow standard

CVE-2024-34671 MEDIUM
5.5 Oct 08

Use of implicit intent for sensitive communication in translation혻in Samsung Internet prior to version 26.0.3.1 allows l

CVE-2024-20869 MEDIUM
5.5 May 07

Improper privilege management vulnerability in Samsung Internet prior to version 25.0.0.41 allows local attackers to byp

CVE-2024-20837 MEDIUM
5.3 Mar 05

Improper handling of granting permission for Trusted Web Activities in Samsung Internet prior to version 24.0.0.41 allow

CVE-2024-20829 MEDIUM
5.3 Mar 05

Missing proper interaction for opening deeplink in Samsung Internet prior to version v24.0.0.0 allows remote attackers t

Share

EUVD-2025-16826 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy