Calling a non-existent provider in Samsung Members prior to version 2.4.81.13 (on Android O (8.1) and below) and 3.8.00.13 (on Android P (9.0) and above) allows unauthorized actions, including denial of service.
Platform: android
Component: samsung-members
Fixed in: 2.4.81.13 (Android 8.1 and below), 3.8.00.13 (Android 9.0 and above)
CVE-2021-25343 describes a denial-of-service (DoS) vulnerability in the Samsung Members Android application. The app calls a content provider that no installed package declares; because that provider authority is unclaimed, an attacker can register a provider under it (hijack the provider) and trigger unauthorized actions. Affected are Samsung Members versions prior to 2.4.81.13 on Android O (8.1) and below, and prior to 3.8.00.13 on Android P (9.0) and above; those two versions contain the fix.
Impact and Attack Scenarios
An attacker exploiting CVE-2021-25343 can induce a denial-of-service condition on a device running a vulnerable Samsung Members build. Because the app calls a provider authority that no installed package declares, a malicious app already present on the device (the CVSS vector is AV:L) can register a provider under that authority and receive the calls the app intended for the missing provider, disrupting the app's normal operation and preventing legitimate users from using its features. The CVSS vector records no confidentiality or integrity impact (C:N/I:N/A:L), so beyond denial of service the advisory does not support claims of data exposure or privilege escalation; what a hijacking app can do with the calls it receives depends on what Samsung Members sends to that authority, which the advisory does not detail. The blast radius is limited to the affected device, but the wide deployment of the Samsung Members app increases the overall potential impact.
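The on-device check that corresponds to the hijack described above is "who currently answers this provider authority?". The following script is an added example, not code from the advisory or from Samsung: it parses the output of `adb shell dumpsys package providers` (in the layout AOSP's package manager dump prints, a `[authority]:` line followed by the `Provider{...}` entry) and reports whether an authority is unclaimed, served by the expected package, or served by some other package. The advisory does not publish the authority Samsung Members calls, so `com.example.missing.provider` is a hypothetical placeholder; the dumpsys excerpt is constructed, with made-up class names and hashes, so the script runs offline.

```shell
#!/bin/sh
# Added example, not from the advisory or from Samsung: find which installed package
# serves a content provider authority, from `adb shell dumpsys package providers` output.
# An authority the app calls but nobody declares is free for any locally installed
# app to claim, which is the hijack condition behind CVE-2021-25343.
# com.example.missing.provider is a hypothetical placeholder authority.

# authority_owner AUTHORITY DUMPSYS_TEXT: prints "pkg/.Class" of the provider
# registered for AUTHORITY, or nothing when no installed package claims it.
authority_owner() {
  printf '%s\n' "$2" | awk -v auth="$1" '
    /^ContentProvider Authorities:/ { inauth = 1; next }
    inauth && /^  [[]/ {
      name = $0; sub(/^  [[]/, "", name); sub(/]:.*$/, "", name)
      found = (name == auth); next
    }
    inauth && found && /Provider[{]/ {
      match($0, /Provider[{][^ ]+ [^}]+[}]/)
      s = substr($0, RSTART, RLENGTH)
      sub(/^Provider[{][^ ]+ /, "", s); sub(/[}]$/, "", s)
      print s; exit
    }'
}

# authority_status AUTHORITY EXPECTED_PKG DUMPSYS_TEXT: classify who answers the authority.
authority_status() {
  owner=$(authority_owner "$1" "$3")
  case "$owner" in
    "")     echo "unclaimed: any local app can register $1 and receive calls meant for it" ;;
    "$2"/*) echo "ok: $1 is served by $owner" ;;
    *)      echo "hijacked: $1 is served by $owner, expected package $2" ;;
  esac
}

# Live use against a connected device (com.samsung.android.voc is the Play Store
# package id of Samsung Members):
#   dump=$(adb shell dumpsys package providers)
#   authority_status com.example.missing.provider com.samsung.android.voc "$dump"

# Constructed dumpsys excerpt (package names, class names and hashes are made up)
# in the layout AOSP prints: a "[authority]:" line followed by the Provider entry.
SAMPLE_PROVIDERS='Registered ContentProviders:
  com.samsung.android.voc/.ExampleProvider:
    Provider{1a2b3c com.samsung.android.voc/.ExampleProvider}
  com.attacker.squat/.SquatProvider:
    Provider{4d5e6f com.attacker.squat/.SquatProvider}

ContentProvider Authorities:
  [com.example.owned.provider]:
    Provider{1a2b3c com.samsung.android.voc/.ExampleProvider}
      applicationInfo=ApplicationInfo{7a8b9c com.samsung.android.voc}
  [com.example.missing.provider]:
    Provider{4d5e6f com.attacker.squat/.SquatProvider}
      applicationInfo=ApplicationInfo{0d1e2f com.attacker.squat}'

authority_status com.example.missing.provider com.samsung.android.voc "$SAMPLE_PROVIDERS"
```

This only tells you who answers the authority at the moment you look. The durable fix belongs in the app: do not call an authority the app does not ship, or resolve the provider first (PackageManager.resolveContentProvider) and check that the resolved package and its signing certificate are the expected ones before sending anything to it.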
Exploitation Context
CVE-2021-25343 was publicly disclosed on March 4, 2021. There is no indication of active exploitation in the wild, and it is not listed in CISA's KEV catalog. The CVSS base score is 4.0 (Medium); the EPSS score of 0.05% (17th percentile) reflects a low estimated probability of exploitation within the next 30 days. No public proof-of-concept exploit is widely available. Exploitation itself is not technically demanding (AC:L): an attacker who knows the authority Samsung Members calls only needs an app declaring a provider with that authority, but that app must first be installed on the target device.
Who Is At Risk
Users of Samsung devices with Samsung Members older than 2.4.81.13 on Android O (8.1) and below, or older than 3.8.00.13 on Android P (9.0) and above, are at risk. This includes users who have not enabled automatic app updates and users of older devices that no longer receive app updates.
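Deciding whether a given device is in that range needs two inputs, the Android API level and the installed versionName, and a numeric field-by-field version compare (a plain string compare ranks 3.8.00.5 above 3.8.00.13). The script below is an added example, not from the advisory or from Samsung: it encodes the two fixed versions from the advisory, parses versionName out of `adb shell dumpsys package` output, and reports whether the build is affected. It assumes Samsung Members is installed under its Play Store package id, com.samsung.android.voc; the dumpsys excerpt is constructed so the functions can run offline.

```shell
#!/bin/sh
# Added example, not from the advisory or from Samsung: decide whether an installed
# Samsung Members build falls in the CVE-2021-25343 affected range.
# Fixed versions per the advisory: 2.4.81.13 on Android 8.1 (API 27) and below,
# 3.8.00.13 on Android 9 (API 28) and above.

# vercmp A B: compare dotted version strings field by field as integers,
# so 3.8.00.5 < 3.8.00.13 (a plain string compare gets this wrong).
# Prints -1, 0 or 1.
vercmp() {
  awk -v a="$1" -v b="$2" 'BEGIN {
    na = split(a, A, "."); nb = split(b, B, ".")
    n = (na > nb) ? na : nb
    for (i = 1; i <= n; i++) {
      x = (i <= na) ? A[i] + 0 : 0
      y = (i <= nb) ? B[i] + 0 : 0
      if (x < y) { print "-1"; exit }
      if (x > y) { print "1"; exit }
    }
    print "0"
  }'
}

# fixed_version SDK_INT: the fixed build that applies to this Android API level.
fixed_version() {
  if [ "$1" -le 27 ]; then echo 2.4.81.13; else echo 3.8.00.13; fi
}

# is_vulnerable SDK_INT VERSION_NAME: succeeds (exit 0) when the build is affected.
is_vulnerable() {
  [ "$(vercmp "$2" "$(fixed_version "$1")")" -lt 0 ]
}

# parse_version DUMPSYS_TEXT: pull versionName out of `dumpsys package <pkg>` output.
parse_version() {
  printf '%s\n' "$1" | sed -n 's/^[[:space:]]*versionName=//p' | head -n 1 | tr -d '\r'
}

# Live check against a connected device (com.samsung.android.voc is the Play Store
# package id of Samsung Members; assumed here, confirm with `adb shell pm list packages`):
#   sdk=$(adb shell getprop ro.build.version.sdk | tr -d '\r')
#   ver=$(parse_version "$(adb shell dumpsys package com.samsung.android.voc)")
#   is_vulnerable "$sdk" "$ver" && echo "affected: $ver < $(fixed_version "$sdk")"

# Constructed sample of dumpsys output (not captured from a real device) so the
# functions can be exercised offline.
SAMPLE_DUMPSYS='Packages:
  Package [com.samsung.android.voc] (1a2b3c):
    userId=10123
    versionCode=380000500 minSdk=28 targetSdk=30
    versionName=3.8.00.5
    splits=[base]'

if is_vulnerable 28 "$(parse_version "$SAMPLE_DUMPSYS")"; then
  echo "sample build $(parse_version "$SAMPLE_DUMPSYS") is affected on API 28"
fi
```

The API-level branch matters: 2.4.81.13 is a fixed build on Android 8.1, but the same version string on Android 9 is far below the 3.8.00.13 threshold, so a single global minimum would misclassify one of the two lines.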
Detection Steps
• android / app:
# Check the installed Samsung Members version; no root needed.
# com.samsung.android.voc is the Play Store package id of Samsung Members.
adb shell dumpsys package com.samsung.android.voc | grep versionName
• android / app:
# List the permissions the app requests and holds (pm list permissions takes a permission group, not a package name)
adb shell dumpsys package com.samsung.android.voc | grep -A 40 'requested permissions'
• android / system:
# Watch for provider lookups that do not resolve. AOSP logs "Failed to find provider info for <authority>"
# from ActivityThread when an app calls an authority no installed package declares. Once a malicious app
# has registered that authority the message disappears, so silence is not evidence the device is safe.
adb logcat -s ActivityThread | grep 'Failed to find provider info'
Attack Timeline
- Disclosure: March 4, 2021
Threat Intelligence
Exploit Status: no known exploitation in the wild; not listed in CISA KEV
EPSS: 0.05% (17th percentile)
CVSS vector: AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L (base score 4.0, Medium)
What do these metrics mean?
- Attack Vector: Local. The attacker needs a local session or shell on the system; on Android this means a malicious app already installed on the device.
- Attack Complexity: Low. No special conditions required; reliably exploitable.
- Privileges Required: None. No authentication required to exploit.
- User Interaction: None. Automatic and silent attack; the victim does nothing.
- Scope: Unchanged. Impact limited to the vulnerable component.
- Confidentiality: None. No confidentiality impact.
- Integrity: None. No integrity impact.
- Availability: Low. Partial or intermittent denial of service.
Affected Software
Weakness Classification (CWE)
Timeline
- Reserved
- Published
- Modified
- EPSS updated
Mitigation and Workarounds
The primary mitigation for CVE-2021-25343 is to upgrade Samsung Members to the fixed build for the device's Android version: 2.4.81.13 or later on Android O (8.1) and below, 3.8.00.13 or later on Android P (9.0) and above. The fixed builds no longer call the non-existent provider. There is no workaround short of updating. On managed fleets, use mobile device management (MDM) policies to enforce app updates and block installation of older builds. After upgrading, confirm the fix by reading the installed versionName (see Detection Steps) rather than by trying to trigger the provider call: a missing "provider not found" message proves nothing once some app has claimed the authority.
How to fix
Update the Samsung Members application to version 2.4.81.13 or later if you use Android O (8.1) or lower. If you use Android P (9.0) or higher, update to version 3.8.00.13 or later. This resolves the vulnerability that allows unauthorized actions, including denial-of-service attacks.
Frequently Asked Questions
What is CVE-2021-25343 — DoS in Samsung Members?
CVE-2021-25343 is a denial-of-service vulnerability in the Samsung Members Android app: the app calls a provider that does not exist on the device, so a locally installed malicious app can hijack that provider and trigger unauthorized actions, including denial of service.
Am I affected by CVE-2021-25343 in Samsung Members?
You are affected if you run Samsung Members older than 2.4.81.13 on Android O (8.1) and below, or older than 3.8.00.13 on Android P (9.0) and above.
How do I fix CVE-2021-25343 in Samsung Members?
Upgrade Samsung Members to 2.4.81.13 or later (Android 8.1 and below) or 3.8.00.13 or later (Android 9.0 and above) through the Google Play Store or the Galaxy Store.
Is CVE-2021-25343 being actively exploited?
There is currently no evidence of CVE-2021-25343 being actively exploited in the wild.
Where can I find the official Samsung advisory for CVE-2021-25343?
Refer to the Samsung Security Bulletin for details: [https://security.samsung.com/sec.php?type=notice&no=113597](https://security.samsung.com/sec.php?type=notice&no=113597)