CVE-2026-20976
Published: 09 January 2026
Summary
CVE-2026-20976 is a medium-severity vulnerability (weakness type unspecified) in Samsung Galaxy Store. Its CVSS base score is 5.1 (Medium).
Operationally, exploitation aligns with the MITRE ATT&CK technique Command and Scripting Interpreter (T1059). The vulnerability is ranked at the 1.7th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Deeper analysis
CVE-2026-20976 is an improper input validation vulnerability affecting the Galaxy Store application prior to version 4.6.02 on Samsung devices. Published on January 9, 2026, it has a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) and is associated with CWE category NVD-CWE-noinfo. The flaw enables a local attacker to execute arbitrary scripts due to inadequate validation of inputs processed by the Galaxy Store.
A local attacker with low privileges on the affected device can exploit this vulnerability with low attack complexity and without requiring user interaction. Successful exploitation allows the attacker to achieve high impacts on confidentiality, integrity, and availability, potentially compromising the device through arbitrary script execution.
Samsung has published a security advisory detailing the issue at https://security.samsungmobile.com/serviceWeb.smsb?year=2026&month=01, with mitigation involving an update to Galaxy Store version 4.6.02 or later.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-1790
Vulnerability details
Improper input validation in Galaxy Store prior to version 4.6.02 allows a local attacker to execute arbitrary scripts.
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
A local input validation flaw directly enables arbitrary script execution (T1059) by low-privileged attackers, resulting in a high-impact compromise consistent with Exploitation for Privilege Escalation (T1068).
Mitigating Controls (NIST 800-53 r5)
- SI-10 (Information Input Validation): directly mandates validation of information inputs to prevent arbitrary script execution due to improper input validation in Galaxy Store.
- SI-2 (Flaw Remediation): requires identification, reporting, and correction of flaws such as the improper input validation vulnerability fixed in Galaxy Store version 4.6.02.
- SI-3 (Malicious Code Protection): deploys malicious code protection at entry points and in memory to block execution of arbitrary scripts injected via the input validation flaw.