CVE-2021-25343
First published: Thu Mar 04 2021(Updated: )
Calling of non-existent provider in Samsung Members prior to version 2.4.81.13 (in Android O(8.1) and below) and 3.8.00.13 (in Android P(9.0) and above) allows unauthorized actions including denial of service attack by hijacking the provider.
Credit: mobile.security@samsung.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Samsung Members | <2.4.81.13 | |
| Android | =1.0 | |
| Android | =1.1 | |
| Android | =1.5 | |
| Android | =1.6 | |
| Android | =2.0 | |
| Android | =2.0.1 | |
| Android | =2.1 | |
| Android | =2.2 | |
| Android | =2.2-rev1 | |
| Android | =2.2.1 | |
| Android | =2.2.2 | |
| Android | =2.2.3 | |
| Android | =2.3 | |
| Android | =2.3-rev1 | |
| Android | =2.3.1 | |
| Android | =2.3.2 | |
| Android | =2.3.3 | |
| Android | =2.3.4 | |
| Android | =2.3.5 | |
| Android | =2.3.6 | |
| Android | =2.3.7 | |
| Android | =3.0 | |
| Android | =3.1 | |
| Android | =3.2 | |
| Android | =3.2.1 | |
| Android | =3.2.2 | |
| Android | =3.2.4 | |
| Android | =3.2.6 | |
| Android | =4.0 | |
| Android | =4.0.1 | |
| Android | =4.0.2 | |
| Android | =4.0.3 | |
| Android | =4.0.4 | |
| Android | =4.1 | |
| Android | =4.1.1 | |
| Android | =4.1.2 | |
| Android | =4.2 | |
| Android | =4.2.1 | |
| Android | =4.2.2 | |
| Android | =4.3 | |
| Android | =4.3.1 | |
| Android | =4.4 | |
| Android | =4.4.1 | |
| Android | =4.4.2 | |
| Android | =4.4.3 | |
| Android | =4.4.4 | |
| Android | =5.0 | |
| Android | =5.0.1 | |
| Android | =5.0.2 | |
| Android | =5.1 | |
| Android | =5.1.0 | |
| Android | =5.1.1 | |
| Android | =6.0 | |
| Android | =6.0.1 | |
| Android | =7.0 | |
| Android | =7.1.0 | |
| Android | =7.1.1 | |
| Android | =7.1.2 | |
| Android | =8.0 | |
| Android | =8.1 | |
| Samsung Members | <3.8.00.13 | |
| Android | =9.0 | |
| Android | =10.0 | |
| Android | =11.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2021-25343?
CVE-2021-25343 has a high severity rating due to its potential for unauthorized actions and denial of service attacks.
How do I fix CVE-2021-25343?
To fix CVE-2021-25343, update the Samsung Members app to version 2.4.81.13 or later.
Which versions are affected by CVE-2021-25343?
CVE-2021-25343 affects Samsung Members versions prior to 2.4.81.13 on Android O (8.1) and below, and versions before 3.8.00.13 on Android P (9.0) and above.
What impact does CVE-2021-25343 have?
The impact of CVE-2021-25343 includes unauthorized access to app services and potential service disruptions.
Is there a workaround for CVE-2021-25343?
There are no documented workarounds for CVE-2021-25343; the only resolution is to update the affected app.
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/severity
- agent/weakness
- agent/author
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/samsung
- canonical/samsung members
- vendor/google
- canonical/android
- version/android/1.0
- version/android/1.1
- version/android/1.5
- version/android/1.6
- version/android/2.0
- version/android/2.0.1
- version/android/2.1
- version/android/2.2
- version/android/2.2-rev1
- version/android/2.2.1
- version/android/2.2.2
- version/android/2.2.3
- version/android/2.3
- version/android/2.3-rev1
- version/android/2.3.1
- version/android/2.3.2
- version/android/2.3.3
- version/android/2.3.4
- version/android/2.3.5
- version/android/2.3.6
- version/android/2.3.7
- version/android/3.0
- version/android/3.1
- version/android/3.2
- version/android/3.2.1
- version/android/3.2.2
- version/android/3.2.4
- version/android/3.2.6
- version/android/4.0
- version/android/4.0.1
- version/android/4.0.2
- version/android/4.0.3
- version/android/4.0.4
- version/android/4.1
- version/android/4.1.1
- version/android/4.1.2
- version/android/4.2
- version/android/4.2.1
- version/android/4.2.2
- version/android/4.3
- version/android/4.3.1
- version/android/4.4
- version/android/4.4.1
- version/android/4.4.2
- version/android/4.4.3
- version/android/4.4.4
- version/android/5.0
- version/android/5.0.1
- version/android/5.0.2
- version/android/5.1
- version/android/5.1.0
- version/android/5.1.1
- version/android/6.0
- version/android/6.0.1
- version/android/7.0
- version/android/7.1.0
- version/android/7.1.1
- version/android/7.1.2
- version/android/8.0
- version/android/8.1
- version/android/9.0
- version/android/10.0
- version/android/11.0