CVE-2026-20974
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2026-01-09
Last updated on: 2026-02-02
Assigner: Samsung Mobile
Description
Description
Improper input validation in data related to network restrictions prior to SMR Jan-2026 Release 1 allows physical attackers to bypass Carrier Relock.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| samsung | android | 13.0 |
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 16.0 |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
How can this vulnerability impact me? :
An attacker with physical access could exploit this vulnerability to bypass Carrier Relock, potentially allowing unauthorized use or unlocking of the device on different carriers.
Can you explain this vulnerability to me?
This vulnerability is caused by improper input validation in data related to network restrictions before the SMR Jan-2026 Release 1. It allows physical attackers to bypass the Carrier Relock feature.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70