Primary

Context

Samsung Calendar Improper Access Control Vulnerability Allowing Cross-Profile Data Access

Vulnerability

Patched

A vulnerability exists in Samsung Calendar versions prior to 12.5.06.5 on Android 14 and 12.6.01.12 on Android 15, where improper access control allows physical attackers to access data across multiple user profiles.

Impact

Exploitation of this vulnerability could lead to unauthorized access to user data across different profiles.

Remediation

Users can update to Samsung Calendar version 12.5.06.5 on Android 14 or 12.6.01.12 on Android 15 to address this vulnerability.

Added: Sep 3, 2025, 6:36 AM

Updated: Sep 3, 2025, 6:36 AM

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

2.5

exploitability

3.3

remediation

7.7

relevance

0.5

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

2.5

exploitability

3.3

remediation

7.7

relevance

0.5

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Samsung Calendar Improper Access Control Vulnerability Allowing Cross-Profile Data Access

Vulnerability

Impact

Remediation

Affected Products

Samsung Calendar

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating