CVE-2025-20968CRITICAL 9.1EPSS p18.1%

CVE-2025-20968CVE-2025-20968

Description

Improper access control in Samsung Gallery prior to version 14.5.10.3 in Global Android 13, 14.5.09.3 in China Android 13, and 15.5.04.5 in Android 14 allows remote attackers to access data and perform internal operations within Samsung Gallery.

Scoring

CVSS 3.19.1 (CRITICAL)
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
EPSS0.27% probability of exploitation · percentile 18.1% · 2026-06-18T12:00:27Z
Published2025-05-07
Last modified2026-01-30

References

  1. https://security.samsungmobile.com/serviceWeb.smsb?year=2025&month=05

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-20967
CVE
CVE-2025-20949
CVE
Samsung Mobile Devices Improper Access Control Vulnerability
CVE
CVE-2026-21037
CVE
CVE-2026-21034
CVE
CVE-2026-21036
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.