Samsung Account URL Redirection Vulnerability Allowing Access Token Theft

Vulnerability

A URL redirection vulnerability has been identified in Samsung Account applications prior to version 15.5.01.1. This vulnerability allows remote attackers to potentially intercept access tokens. The issue arises from improper URL validation, which could be exploited to redirect users in a way that exposes their access tokens to attackers.

Impact

Exploitation of this vulnerability could lead to unauthorized access to tokens, which may be used to access user accounts or services associated with the Samsung Account.

Remediation

Users can update to Samsung Account version 15.5.01.1 or later to address this vulnerability.

Added: Mar 16, 2026, 2:27 PM
Updated: Mar 16, 2026, 2:27 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 5.0
exploitability: 4.7
remediation: 7.7
relevance: 4.0
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.