Primary

Context

Samsung Telephony Improper Access Control Vulnerability Allowing Escalated Permission File Access

Vulnerability

Patched

An improper access control vulnerability has been identified in the Telephony component of Samsung devices, affecting several different versions and prior to the SMR April 2023 Release 1. This vulnerability allows attackers to access files with elevated permissions. The issue arises from inadequate access control measures, which can be exploited to read or manipulate files that should be restricted.

Impact

Exploitation of this vulnerability could lead to unauthorized access to files with escalated permissions, potentially allowing attackers to manipulate sensitive data or system resources.

Remediation

Users can apply the Samsung Security Maintenance Release (SMR) for April 2023 Release 1, which includes the patch for this vulnerability. The update is being rolled out to applicable models, although the delivery time may vary by region.

Added: Sep 3, 2025, 6:30 AM

Updated: Sep 3, 2025, 6:30 AM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.0

exploitability

3.3

remediation

7.7

relevance

0.4

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.0

exploitability

3.3

remediation

7.7

relevance

0.4

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Samsung Telephony Improper Access Control Vulnerability Allowing Escalated Permission File Access

Vulnerability

Impact

Remediation

Affected Products

Samsung Android

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating