CVE-2025-20898

CVSS 3.1 Score 4.6 of 10 (medium)

Details

Published Feb 4, 2025

Summary

CVE-2025-20898 is a vulnerability affecting Samsung Members prior to version 5.2.00.12. This issue involves improper input validation, which grants physical attackers the ability to access data across multiple user profiles. By exploiting this flaw, an attacker can gain unauthorized access and potentially steal sensitive information from other accounts on the same device. This vulnerability poses a significant security risk, especially in environments where multiple users share a device. Users are advised to update their Samsung Members app as soon as possible to mitigate this issue.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Samsung Members

Affected Vendors

Samsung

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/3C_TII
https://www.cve.org/CVERecord?id=CVE-2025-20898
https://nvd.nist.gov/vuln/detail/CVE-2025-20898

Back to Vulnerability Database