Skip to main content

Samsung Members

4 CVEs product

Monthly

CVE-2026-21037 MEDIUM This Month

Improper input validation in Samsung Members prior to version 5.8.01.5 allows local authenticated attackers to access arbitrary URLs and launch arbitrary Android activities using Samsung Members' application privileges. The CVSS 4.0 vector (AV:L/AC:L/AT:N/PR:L/UI:N) confirms local access with low privileges and no additional preconditions, with the score of 6.9 reflecting a high availability impact on the vulnerable component alongside low integrity impact. No public exploit identified at time of analysis and this vulnerability is not listed in CISA KEV, but the ability to hijack privileged activity launches on Samsung devices makes it a meaningful local privilege-chaining vector.

Information Disclosure Samsung Samsung Members
NVD VulDB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2022-36877 LOW Monitor

Exposure of Sensitive Information in FaqSymptomCardViewModel in Samsung Members prior to versions 4.3.00.11 in Global and 14.0.02.4 in China allows local attackers to access device identification via. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Samsung Samsung Members
NVD
CVSS 3.1
3.3
EPSS
0.2%
CVE-2021-25432 LOW Monitor

Information exposure vulnerability in Samsung Members prior to versions 2.4.85.11 in Android O(8.1) and below, and 3.9.10.11 in Android P(9.0) and above allows untrusted applications to access chat. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Google Samsung Information Disclosure Samsung Members
NVD
CVSS 3.1
3.3
EPSS
0.2%
CVE-2018-11614 HIGH This Week

This vulnerability allows remote attackers to escalate privileges on vulnerable installations of Samsung Members Fixed in version 2.4.25. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Samsung Samsung Members
NVD
CVSS 3.0
8.8
EPSS
1.3%
EPSS 0% CVSS 6.9
MEDIUM This Month

Improper input validation in Samsung Members prior to version 5.8.01.5 allows local authenticated attackers to access arbitrary URLs and launch arbitrary Android activities using Samsung Members' application privileges. The CVSS 4.0 vector (AV:L/AC:L/AT:N/PR:L/UI:N) confirms local access with low privileges and no additional preconditions, with the score of 6.9 reflecting a high availability impact on the vulnerable component alongside low integrity impact. No public exploit identified at time of analysis and this vulnerability is not listed in CISA KEV, but the ability to hijack privileged activity launches on Samsung devices makes it a meaningful local privilege-chaining vector.

Information Disclosure Samsung Samsung Members
NVD VulDB
EPSS 0% CVSS 3.3
LOW Monitor

Exposure of Sensitive Information in FaqSymptomCardViewModel in Samsung Members prior to versions 4.3.00.11 in Global and 14.0.02.4 in China allows local attackers to access device identification via. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Samsung Samsung Members
NVD
EPSS 0% CVSS 3.3
LOW Monitor

Information exposure vulnerability in Samsung Members prior to versions 2.4.85.11 in Android O(8.1) and below, and 3.9.10.11 in Android P(9.0) and above allows untrusted applications to access chat. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Google Samsung Information Disclosure +1
NVD
EPSS 1% CVSS 8.8
HIGH This Week

This vulnerability allows remote attackers to escalate privileges on vulnerable installations of Samsung Members Fixed in version 2.4.25. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Samsung Samsung Members
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy