CVE-2025-20967CRITICAL 9.1EPSS p7.6%

CVE-2025-20967CVE-2025-20967

Description

Improper access control in Samsung Gallery prior to version 14.5.10.3 in Global Android 13, 14.5.09.3 in China Android 13, and 15.5.04.5 in Android 14 allows attackers to read and write arbitrary file with the privilege of Samsung Gallery.

Scoring

CVSS 3.19.1 (CRITICAL)
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
EPSS0.18% probability of exploitation · percentile 7.6% · 2026-06-19T12:03:05Z
Published2025-05-07
Last modified2026-01-30

References

  1. https://security.samsungmobile.com/serviceWeb.smsb?year=2025&month=05

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-20968
CVE
CVE-2025-20949
CVE
Samsung Mobile Devices Improper Access Control Vulnerability
CVE
Samsung Mobile Devices Out-of-Bounds Write Vulnerability
CVE
CVE-2026-21037
CVE
Samsung Mobile Devices Insertion of Sensitive Information Into Log File Vulnerability
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.