CVE-2026-20969
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2026-01-09
Last updated on: 2026-01-09
Assigner: Samsung Mobile
Description
Description
Improper input validation in SecSettings prior to SMR Jan-2026 Release 1 allows local attacker to access file with system privilege. User interaction is required for triggering this vulnerability.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| samsung | secsettings | * |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is due to improper input validation in the SecSettings component before the SMR Jan-2026 Release 1. It allows a local attacker to access files with system-level privileges. Exploiting this vulnerability requires user interaction to trigger it.
How can this vulnerability impact me? :
The vulnerability can allow a local attacker to gain unauthorized access to files with system privileges, potentially leading to unauthorized data access or modification on the affected device.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70