Primary

Context

Samsung Routines Insufficient Permission Vulnerability Allowing Sensitive Information Access

Vulnerability

Patched

A vulnerability in the Routines component of Samsung devices running Android versions 15 and 16, prior to the SMR May-2026 Release 1, allows local attackers to access sensitive information due to improper handling of insufficient permissions. The issue has been addressed in the SMR May-2026 Release 1.

Impact

Exploitation of this vulnerability could lead to unauthorized access to sensitive information.

Remediation

Users can update to the Samsung May 2026 Security Maintenance Release to address this vulnerability.

Added: May 13, 2026, 4:39 PM

Updated: May 13, 2026, 4:39 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

3.3

remediation

7.7

relevance

8.3

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

3.3

remediation

7.7

relevance

8.3

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Samsung Routines Insufficient Permission Vulnerability Allowing Sensitive Information Access

Vulnerability

Impact

Remediation

Affected Products

Samsung Android

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating