CVE-2026-21025
5.5 MEDIUMIncorrect privilege assignment in Telephony prior to SMR Jun-2026 Release 1 allows local attackers to access sensitive information
Published: 2026-06-05 · Last updated: 2026-06-06
Severity and scoring
- CVSS
- 5.5 MEDIUM
- Vector
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Affected products
| Vendor | Product |
|---|---|
| samsung | android |
Description
Incorrect privilege assignment in Telephony prior to SMR Jun-2026 Release 1 allows local attackers to access sensitive information.
Source: NVD
References
Related CVEs
Same vendor
- CVE-2026-21033 — Improper export of android application components in ExpressHomeWidgetReceiver of Samsung Assistant prior to version 9.3.14 allows local ... (7.1 HIGH)
- CVE-2026-21032 — Improper export of android application components in SmartHomeWidgetReceiver of Samsung Assistant prior to version 9.3.14 allows local at... (7.1 HIGH)
- CVE-2026-21031 — Improper authorization in AppBlock prior to SMR Jun-2026 Release 1 allows local attacker to launch arbitrary activity (7.8 HIGH)
- CVE-2026-21030 — Improper access control in MediaTek Audio HAL prior to SMR Jun-2026 Release 1 allows local attackers to trigger privileged functions (7.8 HIGH)
- CVE-2026-21029 — Improper export of android application components in Galaxy Editing Service prior to SMR Jun-2026 Release 1 allows local attacker to exec... (7.8 HIGH)