CVE-2026-20997
Awaiting Analysis
Awaiting Analysis - Queue
Cryptographic Signature Bypass in Samsung Smart Switch Allows Authentication Bypass
Vulnerability report for CVE-2026-20997, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.
Publication date: 2026-03-16
Last updated on: 2026-03-31
Assigner: Samsung Mobile
Description
Description
Improper verification of cryptographic signature in Smart Switch prior to version 3.7.69.15 allows remote attackers to potentially bypass authentication.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| samsung | smart_switch | to 3.7.69.15 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-347 | The product does not verify, or incorrectly verifies, the cryptographic signature for data. |