Vulnerabilities > CVE-2021-25404 - Insecure Storage of Sensitive Information vulnerability in Samsung Smartthings Firmware

047910
CVSS 3.3 - LOW
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
LOW
Integrity impact
NONE
Availability impact
NONE
local
low complexity
samsung
CWE-922

Summary

Information Exposure vulnerability in SmartThings prior to version 1.7.64.21 allows attacker to access user information via log.

Vulnerable Configurations

Part Description Count
OS
Samsung
1
Hardware
Samsung
1

Common Weakness Enumeration (CWE)