Home/Product/samsung account
Product

samsung account

31 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2026-20994
< 15.5.01.1
URL redirection in Samsung Account prior to version 15.5.01.1 allows local attackers to potentially get access token.
6.1MEDIUM
 CVE-2026-21264
all versions
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Account allows an unauthorized a
9.3CRITICAL
 CVE-2025-58487
< 15.5.01.1
Improper authorization in Samsung Account prior to version 15.5.01.1 allows local attacker to launch arbitrary activity with Samsu
4.0MEDIUM
 CVE-2025-58486
< 15.5.01.1
Improper input validation in Samsung Account prior to version 15.5.01.1 allows local attacker to execute arbitrary script.
4.0MEDIUM
 CVE-2025-21076
< 15.5.00.18
Improper handling of insufficient permissions or privileges in Samsung Account prior to version 15.5.00.18 allows local attackers
5.5MEDIUM
 CVE-2023-21481
< 14.1.0.0
Improper URL input validation vulnerability in Samsung Account application prior to version 14.1.0.0 allows remote attackers to ge
5.4MEDIUM
 CVE-2025-21396
all versions
Missing authorization in Microsoft Account allows an unauthorized attacker to elevate privileges over a network.
8.2HIGH
 CVE-2024-20841
< 14.8.00.3
Improper Handling of Insufficient Privileges in Samsung Account prior to version 14.8.00.3 allows local attackers to access data.
5.1MEDIUM
 CVE-2023-42551
< 14.5.00.7
Use of implicit intent for sensitive communication vulnerability in startTncActivity in Samsung Account prior to version 14.5.00.7
5.5MEDIUM
 CVE-2023-42550
< 14.5.00.7
Use of implicit intent for sensitive communication vulnerability in startSignIn in Samsung Account prior to version 14.5.00.7 allo
5.5MEDIUM
 CVE-2023-42549
< 14.5.00.7
Use of implicit intent for sensitive communication vulnerability in startNameValidationActivity in Samsung Account prior to versio
5.5MEDIUM
 CVE-2023-42548
< 14.5.00.7
Use of implicit intent for sensitive communication vulnerability in startMandatoryCheckActivity in Samsung Account prior to versio
5.5MEDIUM
 CVE-2023-42547
< 14.5.00.7
Use of implicit intent for sensitive communication vulnerability in startEmailValidationActivity in Samsung Account prior to versi
5.5MEDIUM
 CVE-2023-42546
< 14.5.00.7
Use of implicit intent for sensitive communication vulnerability in startAgreeToDisclaimerActivity in Samsung Account prior to ver
5.5MEDIUM
 CVE-2023-42540
< 14.5.01.1
Improper access control vulnerability in Samsung Account prior to version 14.5.01.1 allows attackers to access sensitive informati
4.0MEDIUM
 CVE-2022-39875
< 13.5.01.3
Improper component protection vulnerability in Samsung Account prior to version 13.5.0 allows attackers to unauthorized logout.
5.1MEDIUM
 CVE-2022-39874
< 13.5.01.3
Sensitive log information leakage vulnerability in Samsung Account prior to version 13.5.0 allows attackers to unauthorized logout
4.0MEDIUM
 CVE-2022-39863
< 13.5.01.3
Intent redirection vulnerability in Samsung Account prior to version 13.5.01.3 allows attackers to access content providers withou
3.6LOW
 CVE-2022-30743
< 13.2.00.6
Improper privilege management vulnerability in Samsung Account prior to 13.2.00.6 allows attackers to get the data of contact and
5.3MEDIUM
 CVE-2022-30739
< 13.2.00.6
Improper privilege management vulnerability in Samsung Account prior to 13.2.00.6 allows attackers to get an user email or phone n
4.0MEDIUM
 CVE-2022-30737
< 13.2.00.6
Implicit Intent hijacking vulnerability in Samsung Account prior to version 13.2.00.6 allows attackers to get email ID.
4.0MEDIUM
 CVE-2022-30736
< 13.2.00.6
Improper privilege management vulnerability in Samsung Account prior to 13.2.00.6 allows attackers to get the data of contact and
5.3MEDIUM
 CVE-2022-30735
< 13.2.00.6
Improper privilege management vulnerability in Samsung Account prior to 13.2.00.6 allows attackers to get the access_token without
5.9MEDIUM
 CVE-2022-30734
< 13.2.00.6
Sensitive information exposure in Sign-out log in Samsung Account prior to version 13.2.00.6 allows attackers to get an user email
4.0MEDIUM
 CVE-2022-30733
< 13.2.00.6
Sensitive information exposure in Sign-in log in Samsung Account prior to version 13.2.00.6 allows attackers to get an user email
4.0MEDIUM
 CVE-2022-30732
< 13.2.00.6
Exposure of Sensitive Information vulnerability in Samsung Account prior to version 13.2.00.6 allows attacker to access sensitive
5.5MEDIUM
 CVE-2022-25825
< 13.1.0.1
Improper access control vulnerability in Samsung Account prior to version 13.1.0.1 allows attackers to access to the authcode for
6.2MEDIUM
 CVE-2021-25403
< 10.8.0.4
Intent redirection vulnerability in Samsung Account prior to version 10.8.0.4 in Android P(9.0) and below, and 12.2.0.9 in Android
3.3LOW
 CVE-2021-25381
all versions
Using unsafe PendingIntent in Samsung Account in versions 10.8.0.4 in Android P(9.0) and below, and 12.1.1.3 in Android Q(10.0) an
5.5MEDIUM
 CVE-2021-25351
< 10.7.07
Improper Access Control in EmailValidationView in Samsung Account prior to version 10.7.0.7 and 12.1.1.3 allows physically proxima
3.2LOW
 CVE-2021-25350
< 12.1.1.3
Information Exposure vulnerability in Samsung Account prior to version 12.1.1.3 allows physically proximate attackers to access us
2.0LOW
SOC and Response
CVE triage
Stack monitoring
Am I affected
IOC triage
KEV catalog
Recently exploited
Daily brief
Change tracking
Detection Engineering
Coverage workspace
Detection coverage
Coverage check
Telemetry ceiling
SIEM query builder
Sigma rules
SIEM rules
YARA rules
Network rules
D3FEND
Threat Hunting
Threat actors
ATT&CK techniques
Attack paths
Indicators
Atomic tests
Red Team and Pentest
Exploitability triage
Recon pack
Attack paths
CAPEC patterns
Adversary emulation
Compliance and GRC
Framework mapping
Control assessment
Audit view
Atlas Search Threat actors Techniques Tools & malware CWE CAPEC KEV catalog Package vulns
About All capabilities Pricing API docs Live status Privacy policy Terms of service
threatengine.sh