Shodan
Vulnerabilities
Vulnerable Software
Samsung:  Security Vulnerabilities
CVE-2026-20989
Improper verification of cryptographic signature in Font Settings prior to SMR Mar-2026 Release 1 allows physical attackers to use custom font.
CVSS Score
5.1
EPSS Score
0.001
Published
2026-03-16
CVE-2026-20990
Improper export of android application components in Secure Folder prior to SMR Mar-2026 Release 1 allows local attackers to launch arbitrary activity with Secure Folder privilege.
CVSS Score
8.4
EPSS Score
0.002
Published
2026-03-16
CVE-2026-20991
Improper privilege management in ThemeManager prior to SMR Mar-2026 Release 1 allows local privileged attackers to reuse trial contents.
CVSS Score
6.7
EPSS Score
0.001
Published
2026-03-16
CVE-2025-62816
An issue was discovered in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480, 2400, 1580, and 2500. Unvalidated VS4L_VERTEXIOC_BOOTUP input leads to a denial of service.
CVSS Score
5.5
EPSS Score
0.001
Published
2026-03-03
CVE-2025-62817
An issue was discovered in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480, 2400, 1580, and 2500. A NULL pointer dereference of session->ncp_hdr_buf in __pilot_parsing_ncp() causes a denial of service.
CVSS Score
7.5
EPSS Score
0.003
Published
2026-03-03
CVE-2025-62814
An issue was discovered in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480, and 2400. A NULL pointer dereference of ft_handle in load_fw_utc_vector() causes a denial of service.
CVSS Score
7.5
EPSS Score
0.005
Published
2026-03-03
CVE-2025-62815
An issue was discovered in Samsung Mobile Processor Exynos 1380, 1480, 2400, 1580, and 2500. A NULL pointer dereference of npu_proto_drv.ast.thread_ref in set_cpu_affinity() causes a denial of service.
CVSS Score
5.5
EPSS Score
0.001
Published
2026-03-03
CVE-2025-66363
An issue was discovered in LBS in Samsung Mobile Processor Exynos 2200. There was no check for memory initialization within DL NAS Transport messages.
CVSS Score
7.5
EPSS Score
0.005
Published
2026-03-03
CVE-2026-20981
Improper input validation in FacAtFunction prior to SMR Feb-2026 Release 1 allows privileged physical attacker to execute arbitrary command with system privilege.
CVSS Score
5.4
EPSS Score
0.002
Published
2026-02-04
CVE-2026-20982
Path traversal in ShortcutService prior to SMR Feb-2026 Release 1 allows privileged local attacker to create file with system privilege.
CVSS Score
6.8
EPSS Score
0.003
Published
2026-02-04


Products
Pricing
Contact Us

Shodan ® - All rights reserved