Primary

Context

Samsung Mobile Improper Permission Handling in SpenGesture Service Vulnerability

Vulnerability

Patched

A vulnerability exists in the SpenGesture service on Samsung mobile devices, due to improper handling of permissions. This issue, present in several different versions of Android, allows local attackers to track the position of the S Pen.

Impact

Exploitation of this vulnerability enables local attackers to monitor S Pen movements, potentially leading to unauthorized access to user interactions or data associated with S Pen usage.

Remediation

Users can apply the May 2025 Security Maintenance Release 1, which includes the necessary patch for this vulnerability.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.6

exploitability

3.3

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.6

exploitability

3.3

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Samsung Mobile Improper Permission Handling in SpenGesture Service Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Android

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating