CVE-2021-25374

Publication date

2021-04-09 17:38:29

Family

Samsung Mobile

State

PUBLISHED

Description

An improper authorization vulnerability in Samsung Members "samsungrewards" scheme for deeplink in versions 2.4.83.9 in Android O(8.1) and below, and 3.9.00.9 in Android P(9.0) and above allows remote attackers to access a user data related with Samsung Account.