Skip to main content

Smart Switch

8 CVEs product

Monthly

CVE-2026-21005 HIGH This Week

A path traversal vulnerability in Smart Switch (CVSS 7.1) that allows adjacent attackers. High severity vulnerability requiring prompt remediation.

Path Traversal Smart Switch
NVD VulDB
CVSS 4.0
7.1
EPSS
0.0%
CVE-2026-21004 MEDIUM This Month

Smart Switch versions prior to 3.7.69.15 contain an improper authentication vulnerability that allows adjacent network attackers to trigger denial of service conditions without requiring user privileges or interaction. The vulnerability has a CVSS score of 6.9 with medium-to-high availability impact, making it a notable threat in local network environments where Smart Switch is deployed.

Denial Of Service Authentication Bypass Smart Switch
NVD VulDB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2026-20999 HIGH This Week

Smart Switch versions prior to 3.7.69.15 contain a replay attack vulnerability in the authentication mechanism that allows remote attackers to bypass security controls and execute privileged functions without valid credentials. The vulnerability requires user interaction to trigger but poses a significant risk as no patch is currently available. Organizations using affected Smart Switch deployments should implement network-level controls to restrict access until an update is released.

Authentication Bypass Smart Switch
NVD VulDB
CVSS 4.0
7.1
EPSS
0.3%
CVE-2026-20998 HIGH This Week

Samsung Smart Switch versions prior to 3.7.69.15 contain an authentication bypass vulnerability that allows unauthenticated remote attackers to circumvent security controls. This vulnerability could enable attackers to gain unauthorized access to the application without valid credentials. No patch is currently available for this high-severity issue.

Authentication Bypass Smart Switch
NVD VulDB
CVSS 4.0
7.1
EPSS
0.3%
CVE-2026-20996 HIGH This Week

A cryptographic downgrade vulnerability in Samsung Smart Switch allows remote attackers to force the application to use weak authentication schemes during device-to-device transfers. The vulnerability affects Smart Switch versions prior to 3.7.69.15 and requires user interaction to exploit, potentially exposing sensitive data during the transfer process between Samsung devices. With a CVSS 4.0 score of 7.1 and no current evidence of active exploitation or public proof-of-concept code, this represents a moderate risk primarily to Samsung device users performing data migrations.

Information Disclosure Smart Switch
NVD VulDB
CVSS 4.0
7.1
EPSS
0.2%
CVE-2026-20995 MEDIUM This Month

Smart Switch versions prior to 3.7.69.15 contain an exposure of sensitive functionality vulnerability that allows remote attackers to set specific configurations without proper authorization. An unauthenticated attacker can leverage network access to manipulate configuration settings on affected devices, potentially leading to information disclosure and integrity compromise. This vulnerability requires user interaction according to the CVSS vector, suggesting a social engineering or phishing component may be necessary for successful exploitation.

Authentication Bypass Smart Switch
NVD VulDB
CVSS 4.0
5.3
EPSS
0.2%
CVE-2025-21078 HIGH This Month

Use of insufficiently random value of secretKey in Smart Switch prior to version 3.7.68.6 allows adjacent attackers to access backup data from applications. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Smart Switch
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2025-20996 MEDIUM This Month

A security vulnerability in Smart Switch installed on non-Samsung Device (CVSS 5.0) that allows local attackers. Remediation should follow standard vulnerability management procedures.

Information Disclosure Samsung Smart Switch
NVD
CVSS 3.1
5.0
EPSS
0.0%
EPSS 0% CVSS 7.1
HIGH This Week

A path traversal vulnerability in Smart Switch (CVSS 7.1) that allows adjacent attackers. High severity vulnerability requiring prompt remediation.

Path Traversal Smart Switch
NVD VulDB
EPSS 0% CVSS 6.9
MEDIUM This Month

Smart Switch versions prior to 3.7.69.15 contain an improper authentication vulnerability that allows adjacent network attackers to trigger denial of service conditions without requiring user privileges or interaction. The vulnerability has a CVSS score of 6.9 with medium-to-high availability impact, making it a notable threat in local network environments where Smart Switch is deployed.

Denial Of Service Authentication Bypass Smart Switch
NVD VulDB
EPSS 0% CVSS 7.1
HIGH This Week

Smart Switch versions prior to 3.7.69.15 contain a replay attack vulnerability in the authentication mechanism that allows remote attackers to bypass security controls and execute privileged functions without valid credentials. The vulnerability requires user interaction to trigger but poses a significant risk as no patch is currently available. Organizations using affected Smart Switch deployments should implement network-level controls to restrict access until an update is released.

Authentication Bypass Smart Switch
NVD VulDB
EPSS 0% CVSS 7.1
HIGH This Week

Samsung Smart Switch versions prior to 3.7.69.15 contain an authentication bypass vulnerability that allows unauthenticated remote attackers to circumvent security controls. This vulnerability could enable attackers to gain unauthorized access to the application without valid credentials. No patch is currently available for this high-severity issue.

Authentication Bypass Smart Switch
NVD VulDB
EPSS 0% CVSS 7.1
HIGH This Week

A cryptographic downgrade vulnerability in Samsung Smart Switch allows remote attackers to force the application to use weak authentication schemes during device-to-device transfers. The vulnerability affects Smart Switch versions prior to 3.7.69.15 and requires user interaction to exploit, potentially exposing sensitive data during the transfer process between Samsung devices. With a CVSS 4.0 score of 7.1 and no current evidence of active exploitation or public proof-of-concept code, this represents a moderate risk primarily to Samsung device users performing data migrations.

Information Disclosure Smart Switch
NVD VulDB
EPSS 0% CVSS 5.3
MEDIUM This Month

Smart Switch versions prior to 3.7.69.15 contain an exposure of sensitive functionality vulnerability that allows remote attackers to set specific configurations without proper authorization. An unauthenticated attacker can leverage network access to manipulate configuration settings on affected devices, potentially leading to information disclosure and integrity compromise. This vulnerability requires user interaction according to the CVSS vector, suggesting a social engineering or phishing component may be necessary for successful exploitation.

Authentication Bypass Smart Switch
NVD VulDB
EPSS 0% CVSS 8.8
HIGH This Month

Use of insufficiently random value of secretKey in Smart Switch prior to version 3.7.68.6 allows adjacent attackers to access backup data from applications. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Smart Switch
NVD
EPSS 0% CVSS 5.0
MEDIUM This Month

A security vulnerability in Smart Switch installed on non-Samsung Device (CVSS 5.0) that allows local attackers. Remediation should follow standard vulnerability management procedures.

Information Disclosure Samsung Smart Switch
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy