CVE-2025-21016
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-08-06
Last updated on: 2025-08-06
Assigner: Samsung Mobile
Description
Description
Improper access control in PkgPredictorService prior to SMR Aug-2025 Release 1 in Chinese Android 13, 14, 15 and 16 allows local attackers to use the privileged APIs.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| samsung | pkgpredictorservice | * |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an improper access control issue in the PkgPredictorService on certain Chinese versions of Android (13, 14, 15, and 16) before the SMR Aug-2025 Release 1. It allows local attackers to access privileged APIs that they should not be able to use.
How can this vulnerability impact me? :
The vulnerability can allow local attackers to misuse privileged APIs, potentially leading to unauthorized access or actions on the affected device. This could result in limited confidentiality, integrity, and availability impacts as indicated by the CVSS score.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70