CVE-2025-20967
First published: Wed May 07 2025(Updated: )
Improper access control in Samsung Gallery prior to version 14.5.10.3 in Global Android 13, 14.5.09.3 in China Android 13, and 15.5.04.5 in Android 14 allows attackers to read and write arbitrary file with the privilege of Samsung Gallery.
Credit: mobile.security@samsung.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Samsung Gallery | <14.5.10.3<14.5.09.3<15.5.04.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2025-20967?
CVE-2025-20967 has a high severity rating due to improper access control that allows unauthorized file access.
How do I fix CVE-2025-20967?
To fix CVE-2025-20967, users should update Samsung Gallery to version 14.5.10.3 or later for Global Android 13, 14.5.09.3 or later for China Android 13, and 15.5.04.5 or later for Android 14.
Who is affected by CVE-2025-20967?
CVE-2025-20967 affects users of Samsung Gallery prior to the specified versions on Global Android 13, China Android 13, and Android 14.
What type of vulnerability is CVE-2025-20967?
CVE-2025-20967 is categorized as an access control vulnerability, allowing attackers to exploit improper permissions.
Can CVE-2025-20967 lead to data breaches?
Yes, CVE-2025-20967 can lead to data breaches as it enables attackers to read and write arbitrary files within the Samsung Gallery.
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/references
- agent/first-publish-date
- agent/description
- agent/type
- agent/guess-ai
- agent/software-canonical-lookup
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- agent/last-modified-date
- agent/author
- agent/source
- agent/tags
- agent/severity
- agent/event
- vendor/samsung
- canonical/samsung gallery