VYPR

SystemUI

by Samsung Mobile

CVEs (12)

  • CVE-2024-34595HigJul 2, 2024
    risk 0.51cvss 7.8epss 0.00

    Improper access control in clickAdapterItem of SystemUI prior to SMR Jul-2024 Release 1 allows local attackers to launch privileged activities.

  • CVE-2024-34585HigJul 2, 2024
    risk 0.51cvss 7.8epss 0.00

    Improper access control in launchApp of SystemUI prior to SMR Jul-2024 Release 1 allows local attackers to launch privileged activities.

  • CVE-2024-20891HigJul 2, 2024
    risk 0.51cvss 7.8epss 0.00

    Improper access control in launchFullscreenIntent of SystemUI prior to SMR Jul-2024 Release 1 allows local attackers to launch privileged activities.

  • CVE-2020-26604HigOct 6, 2020
    risk 0.49cvss 7.5epss 0.00

    An issue was discovered in SystemUI on Samsung mobile devices with O(8.x), P(9.0), Q(10.0), and R(11.0) software. PendingIntent allows an unprivileged process to access contact numbers. The Samsung ID is SVE-2020-18467 (October 2020).

  • CVE-2016-9277HigNov 11, 2016
    risk 0.49cvss 7.5epss 0.01

    Integer overflow in SystemUI in KK(4.4) and L(5.0/5.1) on Samsung Note devices allows attackers to cause a denial of service (UI restart) via vectors involving APIs and an activity that computes an out-of-bounds array index, aka SVE-2016-6906.

  • CVE-2023-21458MedMar 16, 2023
    risk 0.40cvss 6.2epss 0.00

    Improper privilege management vulnerability in PhoneStatusBarPolicy in System UI prior to SMR Mar-2023 Release 1 allows attacker to turn off Do not disturb via unprotected intent.

  • CVE-2022-36861MedSep 9, 2022
    risk 0.38cvss 5.9epss 0.00

    Custom permission misuse vulnerability in SystemUI prior to SMR Sep-2022 Release 1 allows attacker to use some protected functions with SystemUI privilege.

  • CVE-2021-25474MedOct 6, 2021
    risk 0.29cvss 4.4epss 0.00

    Assuming a shell privilege is gained, an improper exception handling for multi_sim_bar_show_on_qspanel value in SystemUI prior to SMR Oct-2021 Release 1 allows an attacker to cause a permanent denial of service in user device before factory reset.

  • CVE-2021-25473MedOct 6, 2021
    risk 0.29cvss 4.4epss 0.00

    Assuming a shell privilege is gained, an improper exception handling for multi_sim_bar_hide_by_meadia_full value in SystemUI prior to SMR Oct-2021 Release 1 allows an attacker to cause a permanent denial of service in user device before factory reset.

  • CVE-2025-21029MedSep 3, 2025
    risk 0.26cvss 4.0epss 0.00

    Improper handling of insufficient permission in System UI prior to SMR Sep-2025 Release 1 allows local attackers to send arbitrary replies to messages from the cover display.

  • CVE-2024-34677MedNov 6, 2024
    risk 0.26cvss 4.0epss 0.00

    Exposure of sensitive information in System UI prior to SMR Nov-2024 Release 1 allow local attackers to make malicious apps appear as legitimate.

  • CVE-2015-6630Dec 8, 2015
    risk 0.00cvss epss 0.00

    SystemUI in Android 5.x before 5.1.1 LMY48Z and 6.0 before 2015-12-01 allows attackers to read screenshots and consequently gain privileges via a crafted application, aka internal bug 19121797.