CVE-2025-20918
Published: 06 March 2025
Description
Adversaries may search local system sources, such as file systems, configuration files, local databases, virtual machine files, or process memory, to find files of interest and sensitive data prior to Exfiltration.
Security Summary
CVE-2025-20918 is an out-of-bounds read vulnerability (CWE-125) in the Samsung Notes application prior to version 4.4.26.71. The flaw occurs when applying extra data of base content, enabling attackers to read memory outside the intended bounds. It has a CVSS v3.1 base score of 5.5 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N), rated as medium severity due to its local confidentiality impact.
A local attacker with low privileges can exploit this vulnerability without user interaction. By triggering the out-of-bounds read during content processing in Samsung Notes, the attacker can disclose sensitive information from memory, such as application data or potentially other process memory, though it does not allow integrity modification or denial of service.
Samsung's security advisory for March 2025, available at https://security.samsungmobile.com/serviceWeb.smsb?year=2025&month=03, addresses this issue. Mitigation involves updating Samsung Notes to version 4.4.26.71 or later, which resolves the out-of-bounds read in base content handling.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The out-of-bounds read enables local memory disclosure of application or process data, directly facilitating collection of sensitive information from the local system.