CVE-2021-25337: Samsung Mobile Devices Improper Access Control Vulnerability
First published: Thu Mar 04 2021(Updated: )
Improper access control in clipboard service in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows untrusted applications to read or write certain local files.
Credit: mobile.security@samsung.com mobile.security@samsung.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Samsung mobile devices | ||
| Samsung Android | =9.0-smr-apr-2019-r1 | |
| Samsung Android | =9.0-smr-apr-2020-r1 | |
| Samsung Android | =9.0-smr-aug-2019-r1 | |
| Samsung Android | =9.0-smr-aug-2020-r1 | |
| Samsung Android | =9.0-smr-dec-2018-r1 | |
| Samsung Android | =9.0-smr-dec-2019-r1 | |
| Samsung Android | =9.0-smr-dec-2020-r1 | |
| Samsung Android | =9.0-smr-feb-2019-r1 | |
| Samsung Android | =9.0-smr-feb-2020-r1 | |
| Samsung Android | =9.0-smr-feb-2021-r1 | |
| Samsung Android | =9.0-smr-jan-2019-r1 | |
| Samsung Android | =9.0-smr-jan-2020-r1 | |
| Samsung Android | =9.0-smr-jan-2021-r1 | |
| Samsung Android | =9.0-smr-jul-2019-r1 | |
| Samsung Android | =9.0-smr-jul-2020-r1 | |
| Samsung Android | =9.0-smr-jun-2019-r1 | |
| Samsung Android | =9.0-smr-jun-2020-r1 | |
| Samsung Android | =9.0-smr-mar-2019-r1 | |
| Samsung Android | =9.0-smr-mar-2020-r1 | |
| Samsung Android | =9.0-smr-may-2019-r1 | |
| Samsung Android | =9.0-smr-may-2020-r1 | |
| Samsung Android | =9.0-smr-nov-2018-r1 | |
| Samsung Android | =9.0-smr-nov-2019-r1 | |
| Samsung Android | =9.0-smr-nov-2020-r1 | |
| Samsung Android | =9.0-smr-oct-2018-r1 | |
| Samsung Android | =9.0-smr-oct-2019-r1 | |
| Samsung Android | =9.0-smr-oct-2020-r1 | |
| Samsung Android | =9.0-smr-sep-2019-r1 | |
| Samsung Android | =9.0-smr-sep-2020-r1 | |
| Samsung Android | =10.0-smr-apr-2020-r1 | |
| Samsung Android | =10.0-smr-aug-2020-r1 | |
| Samsung Android | =10.0-smr-dec-2019-r1 | |
| Samsung Android | =10.0-smr-dec-2020-r1 | |
| Samsung Android | =10.0-smr-feb-2020-r1 | |
| Samsung Android | =10.0-smr-feb-2021-r1 | |
| Samsung Android | =10.0-smr-jan-2020-r1 | |
| Samsung Android | =10.0-smr-jan-2021-r1 | |
| Samsung Android | =10.0-smr-jul-2020-r1 | |
| Samsung Android | =10.0-smr-jun-2020-r1 | |
| Samsung Android | =10.0-smr-mar-2020-r1 | |
| Samsung Android | =10.0-smr-may-2020-r1 | |
| Samsung Android | =10.0-smr-nov-2019-r1 | |
| Samsung Android | =10.0-smr-nov-2020-r1 | |
| Samsung Android | =10.0-smr-oct-2020-r1 | |
| Samsung Android | =10.0-smr-sep-2020-r1 | |
| Samsung Android | =11.0-smr-dec-2020-r1 | |
| Samsung Android | =11.0-smr-feb-2021-r1 | |
| Samsung Android | =11.0-smr-jan-2021-r1 | |
| Android | =9.0 | |
| Android | =10.0 | |
| Android | =11.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2021-25337?
CVE-2021-25337 is an improper access control vulnerability in Samsung mobile devices' clipboard service that allows untrusted applications to read or write arbitrary files.
How does CVE-2021-25337 impact Samsung mobile devices?
CVE-2021-25337 allows untrusted applications to access and modify files on Samsung mobile devices through the clipboard service.
What other vulnerabilities are CVE-2021-25337 chained with?
CVE-2021-25337 was chained with CVE-2021-25369 and CVE-2021-25370.
How can I mitigate CVE-2021-25337 on my Samsung mobile device?
Apply the security update provided by Samsung to fix CVE-2021-25337.
Where can I find more information about CVE-2021-25337?
You can find more information about CVE-2021-25337 on the Samsung Mobile Security website.
- agent/type
- agent/description
- agent/title
- agent/weakness
- agent/severity
- agent/first-publish-date
- exploited/true
- collector/cisa-known-exploited
- source/CISA
- agent/software-canonical-lookup
- agent/references
- agent/author
- agent/event
- agent/source
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- collector/nvd-api
- source/NVD
- agent/softwarecombine
- agent/tags
- collector/nvd-cve
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/samsung
- canonical/samsung mobile devices
- canonical/samsung android
- version/samsung android/9.0-smr-apr-2019-r1
- version/samsung android/9.0-smr-apr-2020-r1
- version/samsung android/9.0-smr-aug-2019-r1
- version/samsung android/9.0-smr-aug-2020-r1
- version/samsung android/9.0-smr-dec-2018-r1
- version/samsung android/9.0-smr-dec-2019-r1
- version/samsung android/9.0-smr-dec-2020-r1
- version/samsung android/9.0-smr-feb-2019-r1
- version/samsung android/9.0-smr-feb-2020-r1
- version/samsung android/9.0-smr-feb-2021-r1
- version/samsung android/9.0-smr-jan-2019-r1
- version/samsung android/9.0-smr-jan-2020-r1
- version/samsung android/9.0-smr-jan-2021-r1
- version/samsung android/9.0-smr-jul-2019-r1
- version/samsung android/9.0-smr-jul-2020-r1
- version/samsung android/9.0-smr-jun-2019-r1
- version/samsung android/9.0-smr-jun-2020-r1
- version/samsung android/9.0-smr-mar-2019-r1
- version/samsung android/9.0-smr-mar-2020-r1
- version/samsung android/9.0-smr-may-2019-r1
- version/samsung android/9.0-smr-may-2020-r1
- version/samsung android/9.0-smr-nov-2018-r1
- version/samsung android/9.0-smr-nov-2019-r1
- version/samsung android/9.0-smr-nov-2020-r1
- version/samsung android/9.0-smr-oct-2018-r1
- version/samsung android/9.0-smr-oct-2019-r1
- version/samsung android/9.0-smr-oct-2020-r1
- version/samsung android/9.0-smr-sep-2019-r1
- version/samsung android/9.0-smr-sep-2020-r1
- version/samsung android/10.0-smr-apr-2020-r1
- version/samsung android/10.0-smr-aug-2020-r1
- version/samsung android/10.0-smr-dec-2019-r1
- version/samsung android/10.0-smr-dec-2020-r1
- version/samsung android/10.0-smr-feb-2020-r1
- version/samsung android/10.0-smr-feb-2021-r1
- version/samsung android/10.0-smr-jan-2020-r1
- version/samsung android/10.0-smr-jan-2021-r1
- version/samsung android/10.0-smr-jul-2020-r1
- version/samsung android/10.0-smr-jun-2020-r1
- version/samsung android/10.0-smr-mar-2020-r1
- version/samsung android/10.0-smr-may-2020-r1
- version/samsung android/10.0-smr-nov-2019-r1
- version/samsung android/10.0-smr-nov-2020-r1
- version/samsung android/10.0-smr-oct-2020-r1
- version/samsung android/10.0-smr-sep-2020-r1
- version/samsung android/11.0-smr-dec-2020-r1
- version/samsung android/11.0-smr-feb-2021-r1
- version/samsung android/11.0-smr-jan-2021-r1
- vendor/google
- canonical/android
- version/android/9.0
- version/android/10.0
- version/android/11.0