S Assistant CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-21038	2 Google, Samsung	6 Android, Assistant, Mobile and 3 more	2025-09-05	5.1 Medium
Improper verification of intent by SamsungExceptionalBroadcastReceiver in S Assistant prior to version 9.3.2 allows local attackers to modify itinerary information.
CVE-2025-21039	2 Google, Samsung	6 Android, Assistant, Mobile and 3 more	2025-09-05	5.1 Medium
Improper verification of intent by SystemExceptionalBroadcastReceiver in S Assistant prior to version 9.3.2 allows local attackers to modify itinerary information.
CVE-2025-21040	2 Google, Samsung	6 Android, Assistant, Mobile and 3 more	2025-09-05	5.1 Medium
Improper verification of intent by ExternalBroadcastReceiver in S Assistant prior to version 9.3.2 allows local attackers to modify itinerary information.
CVE-2022-22289	1 Samsung	1 S Assistant	2024-11-21	5.3 Medium
Improper access control vulnerability in S Assistant prior to version 7.5 allows attacker to remotely get senstive information.
CVE-2021-25341	1 Samsung	1 S Assistant	2024-11-21	4 Medium
Calling of non-existent provider in S Assistant prior to version 6.5.01.22 allows unauthorized actions including denial of service attack by hijacking the provider.

Page 1 of 1.