CVE-2021-25366

Description


Improper access control in Samsung Internet prior to version 13.2.1.70 allows physically proximate attackers to bypass the secret mode's authentication.

Related CPE's


CvssV3 impact


BaseSeverity

LOW

ConfidentialityImpact

LOW

AttackComplexity

LOW

Scope

UNCHANGED

AttackVector

PHYSICAL

AvailabilityImpact

NONE

IntegrityImpact

LOW

PrivilegesRequired

HIGH

BaseScore

2.9

VectorString

CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N

Version

3.1

UserInteraction

NONE

CvssV2 impact


AccessComplexity

LOW

ConfidentialityImpact

PARTIAL

AvailabilityImpact

NONE

IntegrityImpact

PARTIAL

BaseScore

3.6

VectorString

AV:L/AC:L/Au:N/C:P/I:P/A:N

Version

2.0

AccessVector

LOCAL

Authentication

NONE