Vulnerabilities > CVE-2021-25495 - Out-of-bounds Write vulnerability in Samsung Notes

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

samsung

CWE-787

NVD

Published: 2021-10-06

Updated: 2022-04-26

Summary

A possible heap buffer overflow vulnerability in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows arbitrary code execution.

Vulnerable Configurations

Part	Description	Count
Application	Samsung Samsung Notes - Samsung Notes 2.0.02.31 Samsung Notes 4.2.00.22 Samsung Notes 4.2.04.27 Samsung Notes 4.3.02.61	5

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://security.samsungmobile.com/serviceWeb.smsb?year=2021&month=10