CVE-2026-21034
Received
Received - Intake
Improper Component Export in Samsung Auto
Publication date: 2026-06-05
Last updated on: 2026-06-05
Assigner: Samsung Mobile
Description
Description
Improper export of android application components in Samsung Auto prior to version 3.1.2.61 in Android 15 and 3.2.0.38 in Android 16 allows local attacker to change audio configuration.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| samsung | auto | to 3.1.2.61 (exc) |
| samsung | auto | to 3.2.0.38 (exc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability involves improper export of Android application components in Samsung Auto versions prior to 3.1.2.61 on Android 15 and 3.2.0.38 on Android 16. It allows a local attacker to change the audio configuration of the device.
How can this vulnerability impact me? :
The vulnerability allows a local attacker to modify the audio configuration on affected Samsung Auto versions. This could lead to unauthorized changes in audio settings, potentially disrupting normal audio functionality or causing unexpected behavior in the system's audio output.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70