CVE-2025-20968
First published: Wed May 07 2025(Updated: )
Improper access control in Samsung Gallery prior to version 14.5.10.3 in Global Android 13, 14.5.09.3 in China Android 13, and 15.5.04.5 in Android 14 allows remote attackers to access data and perform internal operations within Samsung Gallery.
Credit: mobile.security@samsung.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Samsung Gallery | <14.5.10.3 | |
| Samsung Gallery | <14.5.09.3 | |
| Samsung Gallery | <15.5.04.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2025-20968?
CVE-2025-20968 has been classified with a high severity level due to its potential for unauthorized data access.
How do I fix CVE-2025-20968?
To fix CVE-2025-20968, update Samsung Gallery to version 14.5.10.3 or later for Global Android or 15.5.04.5 or later for Android 14.
What type of vulnerability is CVE-2025-20968?
CVE-2025-20968 is an improper access control vulnerability that allows remote attackers to access sensitive data.
Who is affected by CVE-2025-20968?
CVE-2025-20968 affects users of Samsung Gallery on specific versions of Android 13 and 14 prior to the patched versions.
Are there any workarounds for CVE-2025-20968?
There are no recommended workarounds for CVE-2025-20968; updating the application is the best course of action.
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/references
- agent/first-publish-date
- agent/description
- agent/type
- agent/guess-ai
- agent/software-canonical-lookup
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- agent/last-modified-date
- agent/author
- agent/source
- agent/tags
- agent/severity
- agent/event
- vendor/samsung
- canonical/samsung gallery