Cyber Resilience

CVE-2021-25337

Medium | CISA KEV | Active Exploitation | EUVD Exploited | LPE

Published: 04 March 2021

Modified: 30 October 2025
KEV Added: 08 November 2022
Patch: SMR Mar-2021 Release 1 or later
CVSS v3.1 Score: 4.4 (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N)
EPSS Score: 0.0080 (74.5th percentile)
Risk Priority: 29 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2021-25337 is a medium-severity Improper Privilege Management (CWE-269) vulnerability in Samsung Android. Its CVSS base score is 4.4 (Medium).

Operationally, it ranks in the top 25.5% of CVEs by exploit likelihood (EPSS), and CISA has added it to the Known Exploited Vulnerabilities catalog.

The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and AC-6 (Least Privilege).

Deeper analysis

The vulnerability is an improper access control issue (CWE-269) in the clipboard service of Samsung mobile devices running firmware prior to the SMR Mar-2021 Release 1. It lets untrusted applications read or write certain local files on the device. The CVSS 3.1 base score of 4.4 reflects a local attack vector, low attack complexity, no privileges required, and user interaction required.

Exploitation requires an untrusted application to be installed and run on the affected Samsung device. Successful exploitation grants read or write access to selected local files, with limited impact on confidentiality and integrity and no impact on availability.

Samsung security advisories direct users to apply the SMR Mar-2021 Release 1 update or later via the referenced security update pages. CISA has also catalogued the CVE as a known exploited vulnerability, confirming observed real-world attacks.

EU & UK References

Vulnerability details

Improper access control in clipboard service in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows untrusted applications to read or write certain local files.

CWE(s): CWE-269 (Improper Privilege Management)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

Vendor: samsung
Product: android
Versions: 9.0, 10.0, 11.0

Mitigating Controls (NIST 800-53 r5)

AC-3 Access Enforcement (prevent)
Directly enforces access restrictions on the clipboard service so untrusted applications cannot read or write arbitrary local files.

AC-6 Least Privilege (prevent)
Limits privileges granted to user-installed applications, reducing the impact of the missing access control checks in the clipboard service.

Patching (prevent)
Requires prompt application of the SMR Mar-2021 Release 1 (or later) patch that corrects the improper access control flaw.

References