CVE-2025-20914
Published: 06 March 2025
Description
Adversaries may search local system sources, such as file systems, configuration files, local databases, virtual machine files, or process memory, to find files of interest and sensitive data prior to Exfiltration.
Security Summary
CVE-2025-20914 is an out-of-bounds read vulnerability (CWE-125) in the application of binary handwriting content within Samsung Notes versions prior to 4.4.26.71. Published on 2025-03-06 with a CVSS v3.1 base score of 5.5 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N), the flaw occurs during processing that exposes memory beyond allocated bounds.
Local attackers with low privileges on the affected device can exploit this vulnerability with low complexity and no user interaction required. Exploitation enables reading of sensitive out-of-bounds memory content, resulting in high confidentiality impact while leaving integrity and availability unaffected.
Samsung's security advisory at https://security.samsungmobile.com/serviceWeb.smsb?year=2025&month=03 provides details on the vulnerability, with mitigation achieved by updating Samsung Notes to version 4.4.26.71 or later.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The out-of-bounds read in Samsung Notes enables local attackers to access sensitive memory content on the device, directly facilitating collection of data from local system sources.