Vulnerabilities > CVE-2021-25525 - Improper Check for Unusual or Exceptional Conditions vulnerability in Samsung PAY

CVSS 6.5 - MEDIUM

Attack vector

ADJACENT_NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

HIGH

Availability impact

NONE

low complexity

samsung

CWE-754

NVD

Published: 2021-12-08

Updated: 2021-12-13

Summary

Improper check or handling of exception conditions vulnerability in Samsung Pay (US only) prior to version 4.0.65 allows attacker to use NFC without user recognition.

Vulnerable Configurations

Part	Description	Count
Application	Samsung Samsung PAY *	1

Common Weakness Enumeration (CWE)

CWE-754 - Improper Check for Unusual or Exceptional Conditions

References

https://security.samsungmobile.com/serviceWeb.smsb?year=2021&month=12