Medium severity4.5NVD Advisory· Published Jun 4, 2025· Updated Jun 17, 2026
CVE-2025-20994
CVE-2025-20994
Description
Improper handling of insufficient permission in SyncClientProvider in Samsung Internet installed on non-Samsung Device prior to version 28.0.0.59 allows local attackers to access read and write arbitrary files.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <28.0.0.59
- Range: 28.0.0.59
Patches
Vulnerability mechanics
References
1- security.samsungmobile.com/serviceWeb.smsbnvdVendor Advisory
News mentions
0No linked articles in our index yet.