Platform: android
Component: samsung-email
Fixed in: SMR Feb-2021 Release 1
CVE-2021-25347 describes a hijacking vulnerability discovered in the Samsung Email application. This flaw allows attackers to intercept the execution of providers, potentially enabling unauthorized access and control. The vulnerability affects versions of Samsung Email prior to SMR Feb-2021 Release 1. A security patch has been released in SMR Feb-2021 Release 1.
The hijacking vulnerability in Samsung Email allows an attacker to intercept the execution of providers. This means that if a user interacts with a provider within the email application (e.g., opening a specific attachment or link), the attacker could potentially inject malicious code or redirect the execution flow. The impact could range from data theft (accessing sensitive information within emails) to more severe consequences like remote code execution, depending on the provider's functionality and the attacker's capabilities. While the specific attack vectors are not detailed in the CVE description, the potential for provider hijacking presents a significant security risk.
CVE-2021-25347 was publicly disclosed on March 4, 2021. There is no indication of active exploitation campaigns targeting this vulnerability at this time. No public proof-of-concept (PoC) code has been released. The vulnerability is not currently listed on the CISA KEV catalog. The medium CVSS score suggests a moderate level of exploitability and potential impact.
EPSS: 0.01% (3% percentile)
The primary mitigation for CVE-2021-25347 is to immediately upgrade the Samsung Email application to SMR Feb-2021 Release 1 or later. This update contains the necessary fixes to prevent the provider hijacking vulnerability. If upgrading is not immediately feasible due to compatibility issues or testing requirements, consider restricting user access to potentially malicious providers or implementing stricter email filtering policies. Monitor email traffic for unusual provider execution patterns. After upgrading, confirm the fix by attempting to trigger a provider execution and verifying that it behaves as expected without any signs of interception or malicious activity.
Update the Samsung Email application to version SMR Feb-2021 Release 1 or later. This update corrects the hijacking vulnerability that allows attackers to intercept provider execution.
CVE-2021-25347 is a medium severity vulnerability in Samsung Email affecting versions prior to SMR Feb-2021 Release 1, allowing attackers to intercept provider execution.
You are affected if you are using a Samsung Email version prior to SMR Feb-2021 Release 1. Check your app version and update if necessary.
Upgrade Samsung Email to SMR Feb-2021 Release 1 or later to resolve the hijacking vulnerability.
There is currently no indication of active exploitation campaigns targeting CVE-2021-25347.
Refer to the Samsung Security Bulletin for details: [https://security.samsungmobile.com/securityDB/securityBulletin.do?svrhdwYwdlr=CVE-2021-25347](https://security.samsungmobile.com/securityDB/securityBulletin.do?svrhdwYwdlr=CVE-2021-25347)