CVE-2026-21028
Received
Received - Intake
Improper Access Control in Samsung SMR Jun-2026
Publication date: 2026-06-05
Last updated on: 2026-06-05
Assigner: Samsung Mobile
Description
Description
Improper access control in AuditLogService prior to SMR Jun-2026 Release 1 allows local attackers to access sensitive information.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| samsung | auditlogservice | to 2026-06-01 (exc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an improper access control issue in the AuditLogService component of Samsung software versions prior to SMR Jun-2026 Release 1. It allows local attackers to gain access to sensitive information that they should not be able to access.
How can this vulnerability impact me? :
The impact of this vulnerability is that a local attacker could access sensitive information stored or processed by the AuditLogService. This could lead to unauthorized disclosure of confidential data, potentially compromising privacy or security within the affected system.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70