CVE-2025-21035

Published: Sep 3, 2025Modified: Sep 29, 2025

4.6

Vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 0.9 / Impact: 3.6

Source: mobile.security@samsung.com (Secondary)

Description

Improper access control in Samsung Calendar prior to version 12.5.06.5 in Android 14 and 12.6.01.12 in Android 15 allows physical attackers to access data across multiple user profiles.

Affected (2)

Products: Samsung: Calendar

Samsung

1 product

Calendar

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Samsung Calendar	Before 12.5.06.5

Running on/with	Platform Versions
Google Android	Version 14.0

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Samsung Calendar	Before 12.6.01.12

Running on/with	Platform Versions
Google Android	Version 15.0

References (1)

https://security.samsungmobile.com/serviceWeb.smsb?year=2025&month=09

Source: mobile.security@samsung.com

Vendor Advisory

Timeline

No history available yet.