VYPR

Assistant

by Samsung Mobile

CVEs (13)

  • CVE-2026-21033HigJun 5, 2026
    risk 0.46cvss 7.1epss 0.00

    Improper export of android application components in ExpressHomeWidgetReceiver of Samsung Assistant prior to version 9.3.14 allows local attacker to execute arbitrary script.

  • CVE-2026-21032HigJun 5, 2026
    risk 0.46cvss 7.1epss 0.00

    Improper export of android application components in SmartHomeWidgetReceiver of Samsung Assistant prior to version 9.3.14 allows local attacker to execute arbitrary script.

  • CVE-2026-20993MedMar 16, 2026
    risk 0.36cvss 5.5epss 0.00

    Improper export of android application components in Samsung Assistant prior to version 9.3.10.7 allows local attacker to access saved information.

  • CVE-2022-22289MedJan 10, 2022
    risk 0.35cvss 5.3epss 0.01

    Improper access control vulnerability in S Assistant prior to version 7.5 allows attacker to remotely get senstive information.

  • CVE-2023-30735MedOct 4, 2023
    risk 0.33cvss 5.1epss 0.00

    Improper Preservation of Permissions vulnerability in SAssistant prior to version 8.7 allows local attackers to access backup data in SAssistant.

  • CVE-2023-30736MedOct 4, 2023
    risk 0.29cvss 4.4epss 0.00

    Improper authorization in PushMsgReceiver of Samsung Assistant prior to version 8.7.00.1 allows attacker to execute javascript interface. To trigger this vulnerability, user interaction is required.

  • CVE-2024-34661MedSep 4, 2024
    risk 0.28cvss 4.3epss 0.00

    Improper handling of insufficient permissions in Samsung Assistant prior to version 9.1.00.7 allows remote attackers to access location data. User interaction is required for triggering this vulnerability.

  • CVE-2025-58484MedDec 2, 2025
    risk 0.26cvss 4.0epss 0.00

    Incorrect default permissions in Samsung Cloud Assistant prior to version 8.0.03.8 allows local attacker to access partial data in sandbox.

  • CVE-2024-34670MedOct 8, 2024
    risk 0.26cvss 4.0epss 0.00

    Use of implicit intent for sensitive communication in Sound Assistant prior to version 6.1.0.9 allows local attackers to get sensitive information.

  • CVE-2021-25341MedMar 4, 2021
    risk 0.26cvss 4.0epss 0.00

    Calling of non-existent provider in S Assistant prior to version 6.5.01.22 allows unauthorized actions including denial of service attack by hijacking the provider.

  • CVE-2025-21040Sep 3, 2025
    risk 0.00cvss epss 0.00

    Improper verification of intent by ExternalBroadcastReceiver in S Assistant prior to version 9.3.2 allows local attackers to modify itinerary information.

  • CVE-2025-21039Sep 3, 2025
    risk 0.00cvss epss 0.00

    Improper verification of intent by SystemExceptionalBroadcastReceiver in S Assistant prior to version 9.3.2 allows local attackers to modify itinerary information.

  • CVE-2025-21038Sep 3, 2025
    risk 0.00cvss epss 0.00

    Improper verification of intent by SamsungExceptionalBroadcastReceiver in S Assistant prior to version 9.3.2 allows local attackers to modify itinerary information.