Unrated severityNVD Advisory· Published Nov 5, 2025· Updated Nov 5, 2025
CVE-2025-21079
CVE-2025-21079
Description
Improper input validation in Samsung Members prior to version 5.5.01.3 allows remote attackers to connect arbitrary URL and launch arbitrary activity with Samsung Members privilege. User interaction is required for triggering this vulnerability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: 5.5.01.3
Patches
Vulnerability mechanics
References
1News mentions
2- ZDI-26-209: (Pwn2Own) Samsung Galaxy S25 Samsung Members Open Redirect Security Bypass VulnerabilityZero Day Initiative · Mar 16, 2026
- ZDI-26-210: (Pwn2Own) Samsung Galaxy S25 Samsung Members Security Feature Bypass VulnerabilityZero Day Initiative · Mar 16, 2026