CVE-2026-25203
Published: 10 April 2026
Summary
CVE-2026-25203 is a high-severity Incorrect Default Permissions (CWE-276) vulnerability in Samsung MagicINFO 9 Server (the vendor advisory is hosted on security.samsungtv.com). Its CVSS v3.1 base score is 7.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). The CVE ranks at the 0.7th percentile by exploit likelihood (well below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and AC-6 (Least Privilege).
Deeper analysis
CVE-2026-25203 is an Incorrect Default Permissions vulnerability (CWE-276) in Samsung MagicINFO 9 Server that allows local privilege escalation. The issue affects MagicINFO 9 Server versions earlier than 21.1091.1 and was published on 2026-04-10; 21.1091.1 is the first fixed version.
The vulnerability has a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating it requires local access, low attack complexity, and low privileges to exploit, with no user interaction needed and unchanged scope. A local attacker with low privileges can leverage incorrect default permissions to escalate privileges, resulting in high impacts to confidentiality, integrity, and availability.
Samsung's security advisory provides details on mitigation and patches at https://security.samsungtv.com/securityUpdates.
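The practical check a defender wants for a CWE-276 issue is an ACL audit of the product's install tree and of the binaries its Windows services run, looking for write-class grants to principals every local user holds. The script below is an added example, not Samsung's code and not derived from the advisory; it assumes the server runs on Windows, and the install path `C:\MagicInfo Premium` and the service-name pattern `*MagicInfo*` are placeholders to adjust for the host being checked. The advisory does not say which file or directory carries the bad default, so the script reports every weak grant rather than a specific path.

```powershell
# Added audit script for the CWE-276 pattern behind CVE-2026-25203 (not Samsung's code).
# Assumptions: MagicINFO 9 Server on Windows; install path and service-name pattern
# are placeholders. Run from an elevated shell so every ACL can be read.
param(
    [string]$InstallRoot    = 'C:\MagicInfo Premium',   # assumed install directory
    [string]$ServicePattern = '*MagicInfo*'             # assumed service name pattern
)

# Well-known SIDs that every low-privileged local user holds. Compared as SIDs so the
# check works regardless of OS language (the name BUILTIN\Users is localized).
$LowPrivSids = @(
    'S-1-1-0',       # Everyone
    'S-1-5-32-545',  # BUILTIN\Users
    'S-1-5-11',      # NT AUTHORITY\Authenticated Users
    'S-1-5-4'        # NT AUTHORITY\INTERACTIVE
)

# Rights that let the holder alter content, replace files, or rewrite the ACL.
# Modify and FullControl are composites containing these bits, so they match too.
$R = [System.Security.AccessControl.FileSystemRights]
$WriteMask = $R::WriteData -bor $R::AppendData -bor $R::Delete -bor `
             $R::ChangePermissions -bor $R::TakeOwnership
# Generic rights show up on some inherit-only ACEs and are not decoded by the enum.
$GenericWriteMask = 0x40000000 -bor 0x10000000   # GENERIC_WRITE | GENERIC_ALL

function Test-WeakAce {
    param([System.Security.AccessControl.FileSystemAccessRule]$Ace)
    # Only Allow entries are weaknesses; a Deny for a low-priv group is fine.
    if ($Ace.AccessControlType -ne 'Allow') { return $false }
    try {
        $sid = $Ace.IdentityReference.Translate([System.Security.Principal.SecurityIdentifier]).Value
    } catch { return $false }   # orphaned or unresolvable identity: not a low-priv grant
    if ($LowPrivSids -notcontains $sid) { return $false }
    $rights = [int]$Ace.FileSystemRights
    return (($rights -band [int]$WriteMask) -ne 0) -or (($rights -band $GenericWriteMask) -ne 0)
}

function Get-WeakAces {
    param([string]$Path)
    $acl = Get-Acl -LiteralPath $Path -ErrorAction SilentlyContinue
    if ($null -eq $acl) { return }
    foreach ($ace in $acl.Access) {
        if (Test-WeakAce $ace) {
            [pscustomobject]@{
                Path      = $Path
                Principal = $ace.IdentityReference.Value
                Rights    = $ace.FileSystemRights
                Inherited = $ace.IsInherited   # True means the grant comes from a parent directory
            }
        }
    }
}

function Find-WeakInstallPermissions {
    param([string]$Root)
    Get-WeakAces -Path $Root
    Get-ChildItem -LiteralPath $Root -Recurse -Force -ErrorAction SilentlyContinue |
        ForEach-Object { Get-WeakAces -Path $_.FullName }
}

function Find-WeakServiceBinaries {
    param([string]$Pattern)
    # A writable service executable, or a writable directory containing it, is the
    # classic CWE-276 escalation path: replace the binary, restart, run as the service.
    Get-CimInstance Win32_Service |
        Where-Object { $_.Name -like $Pattern -or $_.DisplayName -like $Pattern } |
        ForEach-Object {
            # Reduce the image path to the executable: strip quotes and arguments.
            $exe = $_.PathName -replace '^"([^"]+)".*$', '$1'
            if ($exe -eq $_.PathName) { $exe = $exe -replace '^(\S+\.exe).*$', '$1' }
            if (Test-Path -LiteralPath $exe) {
                Get-WeakAces -Path $exe
                Get-WeakAces -Path (Split-Path -LiteralPath $exe -Parent)
            }
        }
}

$findings = @(Find-WeakInstallPermissions -Root $InstallRoot) +
            @(Find-WeakServiceBinaries -Pattern $ServicePattern)
if ($findings.Count -eq 0) {
    Write-Output "No write-class grants to low-privileged principals under $InstallRoot or its services."
} else {
    $findings | Sort-Object Path | Format-Table -AutoSize
}
```

The script only reports; it changes no ACLs. A finding with `Inherited = True` points at the parent directory's defaults rather than the file itself, which is usually where an installer's incorrect default lives. Remediation is the vendor update to 21.1091.1 or later; until that is applied, restricting the flagged paths to Administrators, SYSTEM and the account the service actually runs as (for example with `icacls` after verifying the service account) removes the low-privilege write path, but test it, because removing a grant the service itself relies on breaks the server.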
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-21252
Vulnerability details
Samsung MagicINFO 9 Server Incorrect Default Permissions Local Privilege Escalation Vulnerability. This issue affects MagicINFO 9 Server: versions less than 21.1091.1.
- CWE(s): CWE-276 (Incorrect Default Permissions)
Related Threats
MITRE ATT&CK Enterprise Techniques
- T1068 Exploitation for Privilege Escalation
Why these techniques?
The CVE describes a local privilege escalation vulnerability (CWE-276, incorrect default permissions) that is directly exploitable by an attacker who already holds low privileges on the host; this maps to the ATT&CK technique for exploiting a software vulnerability to obtain higher privileges.
Mitigating Controls (NIST 800-53 r5)
- CM-6 (Configuration Settings): establishes and documents secure configuration settings, including correct default file permissions, directly mitigating the incorrect default permissions that enable the local privilege escalation.
- AC-6 (Least Privilege): enforces least privilege by authorizing only the privileges users and processes need, so a low-privileged local attacker cannot escalate through misconfigured permissions.
- AC-3 (Access Enforcement): enforces approved authorizations for logical access to system resources, blocking low-privileged users from exploiting incorrect default permissions.