Vulnerabilities > CVE-2021-25438 - Unspecified vulnerability in Samsung Members 2.4.81.13/3.9.10.11

047910
CVSS 4.6 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
local
low complexity
samsung

Summary

Improper access control vulnerability in Samsung Members prior to versions 2.4.85.11 in Android O(8.1) and below, and 3.9.10.11 in Android P(9.0) and above allows untrusted applications to cause local file inclusion in webview.

Vulnerable Configurations

Part Description Count
Application
Samsung
3
OS
Google
1