Vulnerabilities > CVE-2021-25527 - Unspecified vulnerability in Samsung PAY

CVSS 3.3 - LOW

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

LOW

Integrity impact

NONE

Availability impact

NONE

local

low complexity

samsung

NVD

Published: 2021-12-08

Updated: 2023-06-26

Summary

Improper export of Android application components vulnerability in Samsung Pay (India only) prior to version 4.1.77 allows attacker to access Bill Pay and Recharge menu without authentication.

Vulnerable Configurations

Part	Description	Count
Application	Samsung Samsung PAY *	1

References

https://security.samsungmobile.com/serviceWeb.smsb?year=2021&month=12