Cyber Resilience

CVE-2026-25203

Severity: High

Published: 10 April 2026
Modified: 13 April 2026
KEV Added: not listed (see Summary)
Patch: see the vendor advisory linked below
CVSS v3.1 Score: 7.8 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0001 (0.7th percentile)
Risk Priority: 16 (weighting: 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2026-25203 is a high-severity Incorrect Default Permissions (CWE-276) vulnerability in Samsung MagicINFO 9 Server (the affected asset is recorded as "Samsungtv", inferred from references). Its CVSS v3.1 base score is 7.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). The CVE ranks at the 0.7th percentile by exploit likelihood (EPSS, below the median), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and AC-6 (Least Privilege).

Deeper analysis

CVE-2026-25203 is an Incorrect Default Permissions vulnerability (CWE-276) in Samsung MagicINFO 9 Server that allows local privilege escalation. The issue affects MagicINFO 9 Server versions earlier than 21.1091.1 and was published on 2026-04-10.

The vulnerability has a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), meaning exploitation requires local access and low privileges, has low attack complexity, needs no user interaction, and does not change scope. A local attacker with low privileges can leverage the incorrect default permissions to escalate privileges, with high impact to confidentiality, integrity, and availability.

Samsung's security advisory provides details on mitigation and patches at https://security.samsungtv.com/securityUpdates.

Vulnerability details

Samsung MagicINFO 9 Server Incorrect Default Permissions Local Privilege Escalation Vulnerability. This issue affects MagicINFO 9 Server: versions less than 21.1091.1.

CWE(s)

CWE-276 Incorrect Default Permissions

Related Threats

MITRE ATT&CK Enterprise Techniques

T1068 Exploitation for Privilege Escalation (tactic: Privilege Escalation)
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

The CVE describes a local privilege escalation vulnerability (CWE-276, incorrect default permissions) that is directly exploitable by an attacker with low privileges; this maps to the ATT&CK technique for exploiting a software vulnerability to obtain higher privileges.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2025-21532 (shared CWE-276)
CVE-2025-24176 (shared CWE-276)
CVE-2025-1789 (shared CWE-276)
CVE-2024-43769 (shared CWE-276)
CVE-2025-0543 (shared CWE-276)
CVE-2025-7024 (shared CWE-276)
CVE-2025-24267 (shared CWE-276)
CVE-2024-49737 (shared CWE-276)
CVE-2024-34730 (shared CWE-276)
CVE-2025-24107 (shared CWE-276)

Affected Assets

Samsungtv (inferred from references and description; NVD did not file a CPE for this CVE)

Mitigating Controls (NIST 800-53 r5)

Secure configuration settings (prevent)

Establishes and documents secure configuration settings, including correct default file permissions, directly mitigating the incorrect default permissions that enable local privilege escalation.

AC-6 Least Privilege (prevent)

Enforces least privilege by authorizing only the privileges users and processes need, preventing low-privilege local attackers from escalating via misconfigured permissions.

AC-3 Access Enforcement (prevent)

Enforces approved authorizations for logical access to system resources, blocking exploitation of incorrect default permissions by low-privilege users.

References