Improper access control in Samsung Calendar prior to version 12.5.06.5 in Android 14 and 12.6.01.12 in Android 15 allows physical attackers to access data across multiple user profiles.
History

Wed, 03 Sep 2025 20:30:00 +0000

Type Values Removed Values Added
First Time appeared Google
Google android
Samsung
Samsung calendar
Samsung mobile
Samsung samsung
Samsung samsung Mobile
Vendors & Products Google
Google android
Samsung
Samsung calendar
Samsung mobile
Samsung samsung
Samsung samsung Mobile

Wed, 03 Sep 2025 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 03 Sep 2025 06:15:00 +0000

Type Values Removed Values Added
Description Improper access control in Samsung Calendar prior to version 12.5.06.5 in Android 14 and 12.6.01.12 in Android 15 allows physical attackers to access data across multiple user profiles.
References
Metrics cvssV3_1

{'score': 4.6, 'vector': 'CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: SamsungMobile

Published:

Updated: 2025-09-03T13:28:09.159Z

Reserved: 2024-11-06T02:30:14.886Z

Link: CVE-2025-21035

cve-icon Vulnrichment

Updated: 2025-09-03T13:28:02.548Z

cve-icon NVD

Status : Received

Published: 2025-09-03T06:15:48.550

Modified: 2025-09-03T06:15:48.550

Link: CVE-2025-21035

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2025-09-03T20:27:00Z