CVE-2025-20967

Published: May 7, 2025Modified: Jan 30, 2026

9.1

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Exploitability: 3.9 / Impact: 5.2

Source: NVD

Description

Improper access control in Samsung Gallery prior to version 14.5.10.3 in Global Android 13, 14.5.09.3 in China Android 13, and 15.5.04.5 in Android 14 allows attackers to read and write arbitrary file with the privilege of Samsung Gallery.

Affected (3)

Products: Samsung: Gallery

Samsung

1 product

Gallery

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Samsung Gallery	Before 14.5.10.3

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Samsung Gallery	Before 14.5.09.3

Running on/with	Platform Versions
Samsung Android	Version 13.0

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Samsung Gallery	Before 15.5.04.5

Running on/with	Platform Versions
Samsung Android	Version 14.0

References (1)

https://security.samsungmobile.com/serviceWeb.smsb?year=2025&month=05

Source: mobile.security@samsung.com

Vendor Advisory

Timeline

No history available yet.