CVE-2025-20919
Published: 06 March 2025
Description
Adversaries may search local system sources, such as file systems, configuration files, local databases, virtual machine files, or process memory, to find files of interest and sensitive data prior to Exfiltration.
Security Summary
CVE-2025-20919, published on 2025-03-06, is an out-of-bounds read vulnerability (CWE-125) in the Samsung Notes application prior to version 4.4.26.71. The flaw occurs during the processing of binary data from video content, enabling attackers to access memory outside the intended boundaries. It has a CVSS v3.1 base score of 5.5 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N), indicating medium severity primarily due to high confidentiality impact.
A local attacker with low privileges can exploit this vulnerability with low complexity and no user interaction required. By triggering the malformed video content processing in Samsung Notes, the attacker can read sensitive out-of-bounds memory contents, potentially disclosing confidential information such as other processes' data or application secrets.
Samsung's security advisory for March 2025, available at https://security.samsungmobile.com/serviceWeb.smsb?year=2025&month=03, addresses this issue. Mitigation requires updating Samsung Notes to version 4.4.26.71 or later to prevent exploitation.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The out-of-bounds read vulnerability directly enables local memory access to disclose sensitive data from the system, facilitating data collection from local sources.