EUVD-2025-16827

| CVE-2025-20994 MEDIUM
2025-06-04 [email protected]
4.5
CVSS 3.1
Share

CVSS Vector

CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
Attack Vector
Local
Attack Complexity
High
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
Low
Integrity
Low
Availability
Low

Lifecycle Timeline

3
Analysis Generated
Mar 14, 2026 - 17:29 vuln.today
EUVD ID Assigned
Mar 14, 2026 - 17:29 euvd
EUVD-2025-16827
CVE Published
Jun 04, 2025 - 05:15 nvd
MEDIUM 4.5

Tags

Information Disclosure Samsung Internet

Description

Improper handling of insufficient permission in SyncClientProvider in Samsung Internet installed on non-Samsung Device prior to version 28.0.0.59 allows local attackers to access read and write arbitrary files.

Analysis

A arbitrary file access vulnerability in SyncClientProvider in Samsung Internet installed on non-Samsung Device (CVSS 4.5) that allows local attackers. Remediation should follow standard vulnerability management procedures.

Technical Context

Vulnerability type: arbitrary file access. Affects SyncClientProvider in Samsung Internet installed on non-Samsung Device.

Affected Products

['SyncClientProvider in Samsung Internet installed on non-Samsung Device']

Remediation

Monitor vendor channels for patch availability.

Priority Score

23
Low Medium High Critical
KEV: 0
EPSS: +0.0
CVSS: +22
POC: 0

Share

EUVD-2025-16827 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy