CVE-2025-20915
Published: 06 March 2025
Summary
CVE-2025-20915 is a medium-severity Out-of-bounds Read (CWE-125) vulnerability in Samsung Notes. Its CVSS base score is 5.5 (Medium).
Operationally, exploitation aligns with the MITRE ATT&CK technique Data from Local System (T1005). The CVE ranks at the 45.8th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
Requires timely identification, reporting, and correction of software flaws like this out-of-bounds read vulnerability through patching Samsung Notes to version 4.4.26.71 or later.
Implements memory protection mechanisms such as bounds checking and isolation to directly prevent out-of-bounds memory reads during binary voice content processing.
Mandates validation of binary voice content inputs to mitigate malformed data that could trigger out-of-bounds reads in the Samsung Notes application.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Out-of-bounds read enables local memory disclosure of sensitive data from the device, directly facilitating data collection from local system sources.
NVD Description
Out-of-bounds read in applying binary of voice content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory.
Deeper analysis
CVE-2025-20915 is an out-of-bounds read vulnerability (CWE-125) in the Samsung Notes application, occurring during the processing of binary voice content. It affects versions of Samsung Notes prior to 4.4.26.71 on compatible Samsung devices. The flaw enables attackers to access memory outside the intended boundaries, potentially exposing sensitive data.
Exploitation requires local access to the device (AV:L) with low privileges (PR:L), low attack complexity (AC:L), and no user interaction (UI:N). Successful attacks result in high confidentiality impact (C:H) through memory disclosure, with no integrity or availability disruption (CVSS 5.5: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N). Local users or malware with basic permissions could leverage this for information leakage.
Samsung's security advisory, published on 2025-03-06, details the vulnerability and mitigation at https://security.samsungmobile.com/serviceWeb.smsb?year=2025&month=03. Practitioners should update Samsung Notes to version 4.4.26.71 or later to address the issue.
Details
- CWE(s)