Samsung Assistant CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-21040	2 Google, Samsung	5 Android, Assistant, Mobile and 2 more	2025-09-03	5.1 Medium
Improper verification of intent by ExternalBroadcastReceiver in S Assistant prior to version 9.3.2 allows local attackers to modify itinerary information.
CVE-2025-21039	2 Google, Samsung	5 Android, Assistant, Mobile and 2 more	2025-09-03	5.1 Medium
Improper verification of intent by SystemExceptionalBroadcastReceiver in S Assistant prior to version 9.3.2 allows local attackers to modify itinerary information.
CVE-2025-21038	2 Google, Samsung	5 Android, Assistant, Mobile and 2 more	2025-09-03	5.1 Medium
Improper verification of intent by SamsungExceptionalBroadcastReceiver in S Assistant prior to version 9.3.2 allows local attackers to modify itinerary information.
CVE-2023-30736	1 Samsung	1 Samsung Assistant	2024-11-21	4.4 Medium
Improper authorization in PushMsgReceiver of Samsung Assistant prior to version 8.7.00.1 allows attacker to execute javascript interface. To trigger this vulnerability, user interaction is required.

Page 1 of 1.