Impact
Improper privilege management in Samsung’s ThemeManager before the SMR Mar‑2026 Release 1 allows a local privileged attacker to reuse trial contents that should be restricted. The flaw enables an attacker with existing local privileges to bypass licensing or trial restrictions and access protected content without permission. This vulnerability is an incorrect permission assignment issue affecting the handling of trial content, leading to unauthorized use of licensed material.
Affected Systems
The issue applies to Samsung Mobile Devices running Android 14, 15, or 16 on any SMR release listed in the provided CPEs that predates the SMR Mar‑2026 Release 1 update. Because the exact version range is not specified beyond the SMR release dates, all devices within the documented Android releases and SMR periods should be considered at risk until a patch is applied.
Risk and Exploitability
The vulnerability requires that the attacker already have local privileges on the device, so it does not provide system‑wide compromise. The exploitability is therefore moderate, but the EPSS score is reported below 1%, indicating a low likelihood of exploitation. The attack would involve invoking ThemeManager functions to replicate or re‑enable trial content. As the flaw is not listed in the CISA KEV catalog, no widespread active exploitation has been reported, yet the risk of unauthorized content consumption remains. The attack vector is inferred from the description; explicit details are not supplied in the original data.