Severity by source
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from Vendor (SamsungMobile).
CVSS VectorNVD
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
3DescriptionCVE.org
Improper handling of insufficient privileges in SecTelephonyProvider prior to SMR Jun-2026 Release 1 allows local attackers to access privileged files.
AnalysisAI
Improper privilege handling in Samsung's SecTelephonyProvider component allows local attackers on Samsung Mobile Devices to access files that should be restricted to privileged processes. Affected devices run Android 14, 15, and 16 prior to the SMR Jun-2026 Release 1 patch, spanning the full current Samsung Android support matrix. No public exploit code exists and no KEV listing has been issued; the CVSS 4.0 score of 4.6 reflects constrained real-world impact due to required local access and active user interaction.
Technical ContextAI
SecTelephonyProvider is a content provider component within Samsung's proprietary Android system layer, responsible for managing telephony-related data and file access - including call logs, configuration data, and related privileged resources. The vulnerability arises from the component failing to correctly enforce access controls when a caller with insufficient privileges requests access to restricted telephony files, effectively permitting reads and writes that should be denied. Although the CWE field is listed as N/A by the reporter, the behavior is consistent with CWE-269 (Improper Privilege Management) or CWE-732 (Incorrect Permission Assignment for Critical Resource). The CVSS 4.0 vector (AV:L/AC:L/AT:N/PR:N/UI:A) confirms a local, low-complexity attack path with no prerequisite privileges on the device and no special attack configuration required, though active user interaction must occur for the exploit to succeed.
RemediationAI
Apply Samsung's SMR Jun-2026 Release 1 security patch, which resolves the privilege handling flaw in SecTelephonyProvider across Android 14, 15, and 16. The official advisory is published at https://security.samsungmobile.com/securityUpdate.smsb?year=2026&month=06. As compensating controls prior to patching, administrators managing Samsung device fleets via MDM (e.g., Samsung Knox) should enforce application allowlisting to prevent installation of untrusted or sideloaded apps, which are the most realistic vector for local exploitation - note that allowlisting may restrict legitimate employee-installed apps and requires policy review. Disabling USB debugging and enforcing device lock policies reduces the physical-access attack surface, with the trade-off of limiting developer and IT diagnostics workflows.
More in Samsung Mobile Devices
View allLocal privilege escalation in Samsung Galaxy Watch allows unprivileged local attackers to execute arbitrary code with sy
Incorrect privilege assignment in the Telephony component of Samsung Mobile devices prior to SMR Jun-2026 Release 1 perm
Improper handling of insufficient permissions in Routines prior to SMR May-2026 Release 1 allows local attackers to acce
Insufficient verification of data authenticity in PackageManagerService prior to SMR Mar-2026 Release 1 allows local att
Out-of-bounds write in SveService prior to SMR May-2026 Release 1 allows local privileged attackers to execute arbitrary
External control of file name in Samsung AODManager prior to April 2026 SMR Release 1 allows privileged local attackers
Incorrect default permissions in FactoryCamera prior to SMR May-2026 Release 1 allows local attacker to access unique id
Improper input validation in Samsung Mobile Retail Mode prior to SMR April 2026 Release 1 allows local attackers with li
Bluetooth maintenance mode in Samsung Mobile devices prior to April 2026 SMR Release 1 permits physical attackers to byp
Improper input validation in Samsung Mobile devices prior to SMR April 2026 Release 1 allows physical attackers to bypas
Improper authorization in Samsung's AppBlock application on Android 15 and 16 devices allows a local, low-privileged att
Improper input validation in Routines prior to SMR May-2026 Release 1 allows physical attackers to launch privileged act
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-34796
GHSA-jvgc-m9mp-hwqr