CVE-2021-25431

Published: Jul 8, 2021Modified: Nov 21, 2024

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

Improper access control vulnerability in Cameralyzer prior to versions 3.2.1041 in 3.2.x, 3.3.1040 in 3.3.x, and 3.4.4210 in 3.4.x allows untrusted applications to access some functions of Cameralyzer.

Affected (3)

Products: Samsung: Cameralyzer

Samsung

1 product

Cameralyzer

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Samsung Cameralyzer	From 3.2.0 to 3.2.1041

Running on/with	Platform Versions
Google Android	Version 9.0

Configuration B

2 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Samsung Cameralyzer	From 3.3.0 to 3.3.1040
Samsung Cameralyzer	From 3.4.0 to 3.4.4210

Running on/with	Platform Versions
Google Android	Version 10.0

Related CWEs

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

References (2)

https://security.samsungmobile.com/serviceWeb.smsb?year=2021&month=7

Source: mobile.security@samsung.com

Vendor Advisory

https://security.samsungmobile.com/serviceWeb.smsb?year=2021&month=7

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.