Primary

Context

Samsung Mobile Settings Improper Authorization Vulnerability Allowing Background Data Configuration Changes

Vulnerability

Patched

A vulnerability exists in the Settings application of Samsung Mobile devices running Android versions 13 through 16, prior to the March 2026 Security Maintenance Release. This vulnerability allows local attackers to disable the option for users to manage background data usage for applications. The issue arises from improper authorization, which the latest security update addresses by implementing the necessary authorization controls.

Impact

Exploitation of this vulnerability could lead to unauthorized changes in application data management, potentially causing apps to use background data without user consent or awareness.

Remediation

Users can update their devices to the March 2026 Security Maintenance Release to address this vulnerability.

Added: Mar 16, 2026, 2:29 PM

Updated: Mar 16, 2026, 2:29 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.2

exploitability

3.3

remediation

7.7

relevance

4.0

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.2

exploitability

3.3

remediation

7.7

relevance

4.0

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Samsung Mobile Settings Improper Authorization Vulnerability Allowing Background Data Configuration Changes

Vulnerability

Impact

Remediation

Affected Products

Samsung Android

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating