Samsung Android Improper Access Control Vulnerability in Mdecservice Allowing Arbitrary File Access with System Privilege

Vulnerability

An improper access control vulnerability exists in the Mdecservice component of Samsung Android devices running releases prior to the April 2025 Security Maintenance Release. It allows local attackers to access arbitrary files with system privileges, potentially leading to unauthorized data access or manipulation.

Impact

Exploitation of this vulnerability could result in unauthorized access to sensitive files with system privileges, allowing for potential misuse of this data or disruption of system functions.

Remediation

Users can apply the April 2025 Security Maintenance Release to address this vulnerability. This update is part of the regular monthly security update process for Samsung devices.

Added: Sep 1, 2025, 7:22 PM
Updated: Sep 1, 2025, 7:22 PM

Vulnerability Rating

Custom Algorithm
spread: 9.0
impact: 5.0
exploitability: 2.8
remediation: 7.7
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.