← back
CVE-2021-25373

CVE-2021-25373

CVSS 5.5 MEDIUMEPSS 0.2%CWE-285
Using unsafe PendingIntent in Customization Service prior to version 2.2.02.1 in Android O(8.x), 2.4.03.0 in Android P(9.0), 2.7.02.1 in Android Q(10.0) and 2.9.01.1 in Android R(11.0) allows local attackers to perform unauthorized action without permission via hijacking the PendingIntent.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Affected products
Samsung Mobile · Customization Service

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://security.samsungmobile.com/https://security.samsungmobile.com/serviceWeb.smsb