CVE-2021-25438

Description

Improper access control vulnerability in Samsung Members prior to versions 2.4.85.11 in Android O(8.1) and below, and 3.9.10.11 in Android P(9.0) and above allows untrusted applications to cause local file inclusion in webview.

Affected products

• Samsung Mobile / Samsung Members2.4.85.11 in Android O(8.1) and below, and 3.9.10.11 in Android P(9.0) and above

References

• MISChttps://security.samsungmobile.com/serviceWeb.smsb?year=2021&month=7