CVE-2025-20969: Input Validation
First published: Wed May 07 2025(Updated: )
Improper input validation in Samsung Gallery prior to version 14.5.10.3 in Global Android 13, 14.5.09.3 in China Android 13, and 15.5.04.5 in Android 14 allows local attackers to access data within Samsung Gallery.
Credit: mobile.security@samsung.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Samsung Gallery | <14.5.10.3 | |
| Samsung Gallery | <14.5.09.3 | |
| Samsung Gallery | <15.5.04.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2025-20969?
The severity of CVE-2025-20969 is classified as high due to its potential for unauthorized data access.
How do I fix CVE-2025-20969?
To fix CVE-2025-20969, users should update Samsung Gallery to version 14.5.10.3 or later on Global Android 13, 14.5.09.3 or later on China Android 13, and 15.5.04.5 or later on Android 14.
What types of attacks can exploit CVE-2025-20969?
CVE-2025-20969 can be exploited by local attackers seeking unauthorized access to user data within Samsung Gallery.
Which versions of Samsung Gallery are affected by CVE-2025-20969?
Samsung Gallery versions prior to 14.5.10.3 in Global Android 13, 14.5.09.3 in China Android 13, and 15.5.04.5 in Android 14 are affected by CVE-2025-20969.
Who is at risk for CVE-2025-20969?
Users of Samsung Gallery on the specified affected versions are at risk for CVE-2025-20969.
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/references
- agent/first-publish-date
- agent/description
- agent/type
- agent/guess-ai
- agent/software-canonical-lookup
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- agent/last-modified-date
- agent/author
- agent/source
- agent/tags
- agent/severity
- agent/event
- vendor/samsung
- canonical/samsung gallery