CVE-2026-21032
Received
Received - Intake
Improper Component Export in Samsung Assistant
Publication date: 2026-06-05
Last updated on: 2026-06-05
Assigner: Samsung Mobile
Description
Description
Improper export of android application components in SmartHomeWidgetReceiver of Samsung Assistant prior to version 9.3.14 allows local attacker to execute arbitrary script.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| samsung | assistant | to 9.3.14 (exc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability involves an improper export of Android application components in the SmartHomeWidgetReceiver of Samsung Assistant versions prior to 9.3.14. Because of this misconfiguration, a local attacker can execute arbitrary scripts on the affected device.
How can this vulnerability impact me? :
The vulnerability allows a local attacker to execute arbitrary scripts, which could lead to unauthorized actions or control on the affected device. This may compromise the security and integrity of the device and its data.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70