CVE-2025-20895

Published Feb 4, 2025

Last updated 19 days ago

CVSS low 3.2

Overview

Description
Authentication Bypass Using an Alternate Path in Galaxy Store prior to version 4.5.87.6 allows physical attackers to install arbitrary applications to bypass restrictions of Setupwizard.
Source
mobile.security@samsung.com
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Secondary
Base score
3.2
Impact score
2.5
Exploitability score
0.7
Vector string
CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Severity
LOW

Social media

Hype score
Not currently trending

  1. CVE-2025-20895 Authentication Bypass Using an Alternate Path in Galaxy Store prior to version 4.5.87.6 allows physical attackers to install arbitrary applications to bypass restrict… https://t.co/CqOnH3iAVo

    @CVEnew

    4 Feb 2025

    252 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References