CVE-2025-20915
Published: 06 March 2025
Description
Adversaries may search local system sources, such as file systems, configuration files, local databases, virtual machine files, or process memory, to find files of interest and sensitive data prior to Exfiltration.
Security Summary
CVE-2025-20915 is an out-of-bounds read vulnerability (CWE-125) in the Samsung Notes application, occurring during the processing of binary voice content. It affects versions of Samsung Notes prior to 4.4.26.71 on compatible Samsung devices. The flaw enables attackers to access memory outside the intended boundaries, potentially exposing sensitive data.
Exploitation requires local access to the device (AV:L) with low privileges (PR:L), low attack complexity (AC:L), and no user interaction (UI:N). Successful attacks result in high confidentiality impact (C:H) through memory disclosure, with no integrity or availability disruption (CVSS 5.5: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N). Local users or malware with basic permissions could leverage this for information leakage.
Samsung's security advisory, published on 2025-03-06, details the vulnerability and mitigation at https://security.samsungmobile.com/serviceWeb.smsb?year=2025&month=03. Practitioners should recommend updating Samsung Notes to version 4.4.26.71 or later to address the issue.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Out-of-bounds read enables local memory disclosure of sensitive data from the device, directly facilitating data collection from local system sources.