Samsung Health
CVEs (11)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-25401 | Hig | 0.51 | 7.8 | 0.00 | Jun 11, 2021 | Intent redirection vulnerability in Samsung Health prior to version 6.16 allows attacker to execute privileged action. | ||
| CVE-2023-30723 | Med | 0.36 | 5.5 | 0.00 | Sep 6, 2023 | Improper input validation vulnerability in Samsung Health prior to version 6.24.2.011 allows attackers to write arbitrary file with Samsung Health privilege. | ||
| CVE-2021-25425 | Med | 0.35 | 5.3 | 0.01 | Jun 11, 2021 | Improper check vulnerability in Samsung Health prior to version 6.17 allows attacker to read internal cache data via exported component. | ||
| CVE-2023-42539 | Med | 0.31 | 4.7 | 0.00 | Nov 7, 2023 | PendingIntent hijacking vulnerability in ChallengeNotificationManager in Samsung Health prior to version 6.25 allows local attackers to access data. | ||
| CVE-2024-34597 | Med | 0.29 | 4.4 | 0.00 | Jul 2, 2024 | Improper input validation in Samsung Health prior to version 6.27.0.113 allows local attackers to write arbitrary document files to the sandbox of Samsung Health. User interaction is required for triggering this vulnerability. | ||
| CVE-2023-30737 | Med | 0.26 | 4.0 | 0.00 | Oct 4, 2023 | Improper access control vulnerability in Samsung Health prior to version 6.24.3.007 allows attackers to access sensitive information via implicit intent. | ||
| CVE-2023-30734 | Med | 0.26 | 4.0 | 0.00 | Oct 4, 2023 | Improper access control vulnerability in Samsung Health prior to version 6.24.3.007 allows attackers to access sensitive information via implicit intent. | ||
| CVE-2021-25506 | Med | 0.26 | 4.0 | 0.00 | Nov 5, 2021 | Non-existent provider in Samsung Health prior to 6.19.1.0001 allows attacker to access it via malicious content provider or lead to denial of service. | ||
| CVE-2022-22283 | Low | 0.18 | 2.8 | 0.00 | Jan 10, 2022 | Improper session management vulnerability in Samsung Health prior to 6.20.1.005 prevents logging out from Samsung Health App. | ||
| CVE-2025-21059 | 0.00 | — | 0.00 | Oct 10, 2025 | Improper authorization in Samsung Health prior to version 6.30.5.105 allows local attackers to access data in Samsung Health. | |||
| CVE-2025-21019 | 0.00 | — | 0.00 | Aug 6, 2025 | Improper authorization in Samsung Health prior to version 6.30.1.003 allows local attackers to access data in Samsung Health. User interaction is required for triggering this vulnerability. |
- risk 0.51cvss 7.8epss 0.00
Intent redirection vulnerability in Samsung Health prior to version 6.16 allows attacker to execute privileged action.
- risk 0.36cvss 5.5epss 0.00
Improper input validation vulnerability in Samsung Health prior to version 6.24.2.011 allows attackers to write arbitrary file with Samsung Health privilege.
- risk 0.35cvss 5.3epss 0.01
Improper check vulnerability in Samsung Health prior to version 6.17 allows attacker to read internal cache data via exported component.
- risk 0.31cvss 4.7epss 0.00
PendingIntent hijacking vulnerability in ChallengeNotificationManager in Samsung Health prior to version 6.25 allows local attackers to access data.
- risk 0.29cvss 4.4epss 0.00
Improper input validation in Samsung Health prior to version 6.27.0.113 allows local attackers to write arbitrary document files to the sandbox of Samsung Health. User interaction is required for triggering this vulnerability.
- risk 0.26cvss 4.0epss 0.00
Improper access control vulnerability in Samsung Health prior to version 6.24.3.007 allows attackers to access sensitive information via implicit intent.
- risk 0.26cvss 4.0epss 0.00
Improper access control vulnerability in Samsung Health prior to version 6.24.3.007 allows attackers to access sensitive information via implicit intent.
- risk 0.26cvss 4.0epss 0.00
Non-existent provider in Samsung Health prior to 6.19.1.0001 allows attacker to access it via malicious content provider or lead to denial of service.
- risk 0.18cvss 2.8epss 0.00
Improper session management vulnerability in Samsung Health prior to 6.20.1.005 prevents logging out from Samsung Health App.
- CVE-2025-21059Oct 10, 2025risk 0.00cvss —epss 0.00
Improper authorization in Samsung Health prior to version 6.30.5.105 allows local attackers to access data in Samsung Health.
- CVE-2025-21019Aug 6, 2025risk 0.00cvss —epss 0.00
Improper authorization in Samsung Health prior to version 6.30.1.003 allows local attackers to access data in Samsung Health. User interaction is required for triggering this vulnerability.