Cyber Posture

CVE-2025-20922

Severity: Medium

Published: 06 March 2025

Modified: 16 July 2025
KEV Added
Patch
CVSS Score: 5.5 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)
EPSS Score: 0.0023 (45.8th percentile)
Risk Priority: 11 (60% EPSS · 20% KEV · 20% CVSS)

Security Summary

CVE-2025-20922 is an out-of-bounds read vulnerability (CWE-125) affecting Samsung Notes versions prior to 4.4.26.71. The flaw occurs in the appending text paragraph functionality, allowing attackers to access memory outside the intended bounds. Published on 2025-03-06, it has a CVSS v3.1 base score of 5.5 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N), indicating medium severity with high confidentiality impact but no integrity or availability effects.

A local attacker with low privileges on the affected device can exploit this vulnerability. Exploitation requires low complexity and no user interaction, enabling the attacker to read sensitive out-of-bounds memory contents, potentially exposing confidential data such as user information or application internals.

Samsung's security advisory provides details on the issue, with the vulnerability fixed in Samsung Notes version 4.4.26.71. Mitigation involves updating to this version or later. See https://security.samsungmobile.com/serviceWeb.smsb?year=2025&month=03 for full advisory information.

Details

CWE(s): CWE-125

Affected Products

Vendor: samsung
Product: notes
Versions: ≤ 4.4.26.71

MITRE ATT&CK Enterprise Techniques

T1005 Data from Local System (Tactic: Collection)
Adversaries may search local system sources, such as file systems, configuration files, local databases, virtual machine files, or process memory, to find files of interest and sensitive data prior to Exfiltration.

Why these techniques?

The out-of-bounds read lets a local attacker read sensitive memory contents, such as confidential data or application internals, which directly facilitates data collection from the local system.

Confidence: MEDIUM · MITRE ATT&CK Enterprise v19.0

References