An improper access control vulnerability in TelephonyUI prior to SMR MAY-2021 Release 1 allows local attackers to write arbitrary files of telephony process via untrusted applications.
References
Link | Resource |
---|---|
https://blog.oversecured.com/Two-weeks-of-securing-Samsung-devices-Part-1/ | Exploit Third Party Advisory |
https://security.samsungmobile.com/securityUpdate.smsb?year=2021&month=5 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: Samsung Mobile
Published: 2021-06-11T14:45:22
Updated: 2021-06-11T14:47:58
Reserved: 2021-01-19T00:00:00
Link: CVE-2021-25397
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-06-11T15:15:09.230
Modified: 2022-10-25T18:33:46.563
Link: CVE-2021-25397
JSON object: View
Redhat Information
No data.
CWE