CVE-2021-25375

Vulnerability

Samsung Email versions prior to 6.1.41.0 uses a predictable index for attachment file names. The bug allows remote attackers to access attachments from other emails when the victim opens a malicious attachment crafted by the attacker [1].

Exploitation

An attacker sends an email containing a specially crafted attachment to the victim. When the victim opens that attachment, the predictable index mechanism of Samsung Email allows the attacker to enumerate or compute the location of other attachments stored within the application's sandbox, thereby gaining unauthorized access to them. No authentication other than the victim's email access is required, and the attacker only needs to deliver the malicious email remotely [1].

Impact

Successful exploitation results in unauthorized disclosure of email attachments belonging to other emails of the victim. The attacker can read sensitive information contained in those attachments, including private documents, images, or other data stored alongside the email in the application [1].

Mitigation

The vulnerability was fixed in Samsung Email version 6.1.41.0. Users should update to this version or later via the official Samsung app store or device update mechanism. No workaround is available if the update is not applied [1].