CVE-2025-58487

MEDIUM4.0

Description

Improper authorization in Samsung Account prior to version 15.5.01.1 allows local attacker to launch arbitrary activity with Samsung Account privilege.

CVSS breakdown

CVSS 3.1

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

Low

Affected products

Samsung Mobile / Samsung Account15.5.01.1 – 15.5.01.1

References

MISChttps://security.samsungmobile.com/serviceWeb.smsb?year=2025&month=12