CVE-2025-53082

Severity: Medium

Published: 29 July 2025
Modified: 11 August 2025
CVSS v3.1 score: 6.1 (CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H)
EPSS score: 0.0233 (85.2th percentile)
Risk priority: 14 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2025-53082 is a medium-severity Relative Path Traversal (CWE-23) vulnerability in Samsung Data Management Server Firmware. Its CVSS base score is 6.1 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique File Deletion (T1070.004). The CVE is ranked in the top 14.8% of CVEs by exploit likelihood and is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and SI-10 (Information Input Validation).

Deeper analysis

CVE-2025-53082 is an arbitrary file deletion vulnerability, tracked under CWE-23 (Relative Path Traversal), that affects Samsung DMS (Data Management Server). The flaw permits deletion of arbitrary files from unintended filesystem locations and carries a CVSS 3.1 score of 6.1, reflecting a physical access vector, low attack complexity, and high impact to integrity and availability without requiring authentication or user interaction.

An attacker who can reach one of the specific authorized private IP addresses permitted by the deployment can trigger the deletion, resulting in targeted removal of files that may disrupt service operation or data integrity on the affected server.

The official Samsung security advisory published at https://security.samsungda.com/securityUpdates.html addresses the issue and should be consulted for available patches or configuration guidance. The associated EPSS score has remained flat at 0.0233 with no material increase observed since disclosure.

Vulnerability details

An 'Arbitrary File Deletion' in Samsung DMS (Data Management Server) allows attackers to delete arbitrary files from unintended locations on the filesystem. Exploitation is restricted to specific, authorized private IP addresses.

CWE(s)

CWE-23: Relative Path Traversal
Related Threats

MITRE ATT&CK Enterprise Techniques

T1070.004 File Deletion (Stealth): Adversaries may delete files left behind by the actions of their intrusion activity.

T1485 Data Destruction (Impact): Adversaries may destroy data and files on specific systems or in large numbers on a network to interrupt availability to systems, services, and network resources.
Why these techniques?

Arbitrary file deletion via path traversal directly enables file deletion for indicator removal and data destruction to impact integrity/availability.

Confidence: MEDIUM · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2025-53081 (same product: Samsung Data Management Server)
CVE-2025-53078 (same product: Samsung Data Management Server)
CVE-2025-52908 (same vendor: Samsung)
CVE-2025-20916 (same vendor: Samsung)
CVE-2025-21042 (same vendor: Samsung)
CVE-2026-20983 (same vendor: Samsung)
CVE-2025-20903 (same vendor: Samsung)
CVE-2026-25201 (same vendor: Samsung)
CVE-2025-54440 (same vendor: Samsung)
CVE-2025-20915 (same vendor: Samsung)

Affected Assets

Samsung Data Management Server firmware
Affected versions: 2.0.0 through 2.3.13.1; 2.5.0.17 through 2.6.14.1; 2.7.0.15 through 2.9.3.6

Mitigating Controls (NIST 800-53 r5)

SI-10 Information Input Validation (prevent): Validates and sanitizes file path inputs to block relative path traversal sequences that enable deletion of arbitrary files outside intended directories.

AC-3 Access Enforcement (prevent): Enforces authorization checks on file-system operations so that only permitted deletions within approved paths can succeed, directly stopping the unauthorized deletions.

AC-6 Least Privilege (prevent): Restricts the privileges granted to the DMS process or user context, limiting the scope of files that can be deleted even if a traversal succeeds.
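As an added illustration of the input-validation and access-enforcement controls listed above (example code written for this page, not code from Samsung DMS or the advisory): a deletion handler that canonicalises the client-supplied relative path, refuses anything that resolves outside the allowed root, and only serves requests from configured private source ranges. The export directory, allowlist range and file names are constructed placeholders, since the page does not describe the product's layout.

```python
import ipaddress
import os
import tempfile
from pathlib import Path

# Constructed placeholders: the page gives no DMS directory layout or allowlist.
ALLOWED_ROOT = Path("/var/lib/dms/exports")
AUTHORIZED_CLIENTS = [ipaddress.ip_network("10.10.20.0/24")]

def resolve_within_root(user_path: str, root: Path = ALLOWED_ROOT) -> Path:
    """SI-10 style input check: raise ValueError unless the path stays under root."""
    if not user_path or "\x00" in user_path or Path(user_path).is_absolute():
        raise ValueError("empty, NUL-containing or absolute path rejected")
    joined = Path(os.path.normpath(str(root / user_path)))  # collapses '.' and '..'
    try:
        joined.relative_to(root)  # segment-wise test, so 'exports2' != 'exports'
    except ValueError:
        raise ValueError(f"path escapes allowed root: {user_path!r}") from None
    return joined

def client_is_authorized(client_ip: str) -> bool:
    """AC-3 style source check: only the configured private ranges may delete."""
    return any(ipaddress.ip_address(client_ip) in net for net in AUTHORIZED_CLIENTS)

def attempt_delete(user_path: str, client_ip: str, root: Path = ALLOWED_ROOT) -> str:
    """Return 'deleted', 'missing', 'blocked:client' or 'blocked:path'."""
    if not client_is_authorized(client_ip):
        return "blocked:client"
    try:
        target = resolve_within_root(user_path, root)
    except ValueError:
        return "blocked:path"
    if target.is_symlink():  # a link inside root may still point outside it
        return "blocked:path"
    if not target.is_file():
        return "missing"
    target.unlink()
    return "deleted"

def demo() -> dict:
    # Throwaway tree: <tmp>/exports/reports/q3.csv inside the root, <tmp>/secret.cfg outside it.
    root = Path(tempfile.mkdtemp()) / "exports"
    (root / "reports").mkdir(parents=True)
    (root / "reports" / "q3.csv").write_text("constructed report data")
    (root.parent / "secret.cfg").write_text("constructed file outside the allowed root")
    return {
        "traversal": attempt_delete("reports/../../secret.cfg", "10.10.20.7", root),
        "unauthorized": attempt_delete("reports/q3.csv", "203.0.113.5", root),
        "legit": attempt_delete("reports/q3.csv", "10.10.20.7", root),
        "outside_intact": (root.parent / "secret.cfg").exists(),
    }
```

The lexical check in resolve_within_root never touches the filesystem, so it can be applied before any I/O; the symlink test in attempt_delete covers the case where a link planted inside the root points elsewhere.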
