CVE-2021-25441

Published: Jul 8, 2021Modified: Nov 21, 2024

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

Improper input validation vulnerability in AR Emoji Editor prior to version 4.4.03.5 in Android Q(10.0) and above allows untrusted applications to access arbitrary files with an escalated privilege.

Affected (1)

Products: Samsung: Ar Emoji Editor

Samsung

1 product

Ar Emoji Editor

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Samsung Ar Emoji Editor	Version 4.4.03.5

Running on/with	Platform Versions
Google Android	From 10.0

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (2)

https://security.samsungmobile.com/serviceWeb.smsb?year=2021&month=7

Source: mobile.security@samsung.com

Vendor Advisory

https://security.samsungmobile.com/serviceWeb.smsb?year=2021&month=7

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.