CVE-2025-20920
Published: 06 March 2025
Description
Adversaries may search local system sources, such as file systems, configuration files, local databases, virtual machine files, or process memory, to find files of interest and sensitive data prior to Exfiltration.
Security Summary
CVE-2025-20920 is an out-of-bounds read vulnerability (CWE-125) in the action link data processing of the Samsung Notes application, affecting versions prior to 4.4.26.71. Published on 2025-03-06, this flaw enables attackers to access memory outside the intended boundaries when handling malformed action link data.
The vulnerability carries a CVSS v3.1 base score of 5.5 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N), indicating it can be exploited by a local attacker with low privileges and low complexity, requiring no user interaction. Successful exploitation allows the attacker to disclose sensitive information from out-of-bounds memory reads, resulting in high confidentiality impact but no impairment to integrity or availability.
Samsung's security advisory for March 2025, accessible at https://security.samsungmobile.com/serviceWeb.smsb?year=2025&month=03, addresses this issue, with mitigation achieved by updating Samsung Notes to version 4.4.26.71 or later.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The out-of-bounds read vulnerability in Samsung Notes enables local disclosure of sensitive information from memory, directly facilitating data collection from local system sources.