Vulnerabilities > CVE-2021-25353 - Unspecified vulnerability in Samsung Galaxy Themes

CVSS 7.1 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

NONE

local

low complexity

samsung

NVD

Published: 2021-03-25

Updated: 2021-04-01

Summary

Using empty PendingIntent in Galaxy Themes prior to version 5.2.00.1215 allows local attackers to read/write private file directories of Galaxy Themes application without permission via hijacking the PendingIntent.

Vulnerable Configurations

Part	Description	Count
Application	Samsung Samsung Galaxy Themes -	1

References

https://security.samsungmobile.com/serviceWeb.smsb
https://security.samsungmobile.com/