Samsung ContactProvider Improper Access Control Vulnerability

Vulnerability

A vulnerability exists in the ContactProvider component of Samsung devices, related to improper access control. This issue, present in versions of Android prior to the September 2025 Security Maintenance Release, allows local attackers to access sensitive information. The vulnerability has been privately disclosed and is part of the Samsung Vulnerabilities and Exposures (SVE) program.

Impact

Exploitation of this vulnerability could lead to unauthorized access to sensitive information.

Remediation

Users can apply the September 2025 Security Maintenance Release, which includes the necessary patch for this vulnerability.

Added: Sep 3, 2025, 6:22 AM
Updated: Sep 3, 2025, 6:22 AM

Vulnerability Rating

Custom Algorithm

spread: 8.4
impact: 2.5
exploitability: 3.3
remediation: 7.7
relevance: 0.5
threat: 0.0
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.