CVE-2025-21046
LOWDescription
Improper access control in WindowManager in Samsung DeX prior to SMR Oct-2025 Release 1 allows physical attackers to temporarily access to recent app list.
CVSS v3.1 Score
Affected Products
| Vendor | Product |
|---|---|
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
| samsung | android |
References
Advisories & Patches
Frequently Asked Questions
What is CVE-2025-21046? +
How severe is CVE-2025-21046? +
What products are affected by CVE-2025-21046? +
How do I check if I'm vulnerable to CVE-2025-21046? +
Related Vulnerabilities
Improper Input Validation vulnerability in Samsung Open Source rLottie allows Path Traversal.This issue affects rLottie: V0.2.
Use After Free vulnerability in Samsung Open Source rLottie allows Remote Code Inclusion.This issue affects rLottie: V0.2.
Improper Input Validation vulnerability in Samsung Open Source rLottie allows Overread Buffers.This issue affects rLottie: V0.2.
Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO …
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Samsung Electronics MagicINFO 9 Server allows Upload …
Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO …