CVE-2021-25389

Vulnerability

S Secure on Samsung mobile devices prior to SMR MAY-2021 Release 1 contains an improper running task check vulnerability. This flaw resides in the logic that verifies whether an app is allowed to run when the device is locked. The affected versions are those before the May 2021 Security Maintenance Release. [1]

Exploitation

An attacker with physical access to a locked device can exploit this vulnerability by interacting with the S Secure interface. The improper task check allows the attacker to bypass the authentication requirement and launch a locked app without providing credentials. No additional privileges or network access are needed. [1]

Impact

Successful exploitation enables an attacker to use a locked application without entering the correct PIN, pattern, or biometric authentication. This compromises the confidentiality and intended access control of the app, potentially exposing sensitive data or functionality that the user intended to protect. [1]

Mitigation

The vulnerability is fixed in SMR MAY-2021 Release 1. Users should update their Samsung mobile device to the latest security patch level as provided by Samsung. No workarounds are documented; updating is the recommended mitigation. [1]