Platform
android
Component
samsung-members
Fixed in
2.4.81.13
3.8.00.13
CVE-2021-25343 describes a denial-of-service (DoS) vulnerability within the Samsung Members application. This flaw arises from the calling of a non-existent provider, allowing an attacker to potentially hijack the provider and trigger unauthorized actions. The vulnerability affects versions of Samsung Members prior to 2.4.81.13 on Android O (8.1) and below, and versions up to 3.8.00.13 on Android P (9.0) and above. A fix is available in version 3.8.00.13.
An attacker exploiting CVE-2021-25343 can induce a denial-of-service condition on a target device running the vulnerable Samsung Members application. By hijacking the provider, the attacker can potentially disrupt the normal operation of the app, preventing legitimate users from accessing its features. While the description doesn't detail specific data at risk, the ability to trigger unauthorized actions suggests potential for further exploitation and privilege escalation within the device's ecosystem. The blast radius is limited to the affected device, but widespread deployment of the Samsung Members app increases the overall potential impact.
CVE-2021-25343 was publicly disclosed on March 4, 2021. There is no indication of this vulnerability being actively exploited in the wild. The CVSS base score is 4.0 (Medium), suggesting a moderate probability of exploitation. It is not listed in CISA's KEV catalog. Public proof-of-concept exploits are not widely available, but the vulnerability's nature suggests it could be relatively straightforward to exploit given sufficient knowledge of the Samsung Members application's internal workings.
Users of Samsung devices running Android O (8.1) and below, and those running Android P (9.0) and above with versions of the Samsung Members app prior to 3.8.00.13 are at risk. This includes users who have not enabled automatic app updates or who are using older, unsupported devices.
• android / app:

    # Check for vulnerable Samsung Members versions
    # Get-InstalledPackage is assumed here to be an inventory cmdlet (e.g. from an MDM module)
    # that returns objects with a Version property; 3.8.00.13 is the fixed build for
    # Android P (9.0) and above, 2.4.81.13 for Android O (8.1) and below.
    Get-InstalledPackage -Name "Samsung Members" |
        Where-Object { [version]$_.Version -lt [version]"3.8.00.13" } |
        Select-Object Version

• android / app:

    # Show the installed versionName and the permissions the app holds
    adb shell dumpsys package com.samsung.android.members | grep -E "versionName|permission"

• android / system:

    # Check system logs for content-provider lookups that could not be resolved
    # ("Failed to find provider info for <authority>" is the message ActivityManager logs)
    adb logcat -s ActivityManager:* | grep -E "Failed to find provider info|ProviderNotFoundException"
Exploit Status
EPSS
0.05% (17th percentile)
CVSS Vector
The primary mitigation for CVE-2021-25343 is to upgrade the Samsung Members application to version 3.8.00.13 or later. This version includes the necessary fix to prevent the calling of the non-existent provider. There are no immediate workarounds beyond ensuring users are running the latest available version of the app. Consider implementing mobile device management (MDM) policies to enforce app updates and prevent the installation of older, vulnerable versions. After upgrading, confirm the fix by attempting to trigger the vulnerable action (e.g., initiating a provider call) and verifying that it no longer results in an error or unauthorized behavior.
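The following script is an added example, not part of the advisory or Samsung's tooling. It turns the advisory's version table into a check a defender can run: the installed Samsung Members versionName is compared, field by field, against the fixed build for the device's Android level (2.4.81.13 for Android O 8.1 and below, i.e. SDK 27 and lower; 3.8.00.13 for Android P 9.0 and above, SDK 28 and higher). It also counts ActivityManager log lines that report an unresolved content provider, which is the condition the detection snippet above looks for. The package name com.samsung.android.members is taken from the page's own adb command; the sample log lines are constructed, and the live device check runs only when `adb` is present and the script is invoked with `--device`.

```shell
#!/bin/sh
# Added example: classify an installed Samsung Members build against the
# fixed versions named in the CVE-2021-25343 advisory.

FIXED_PRE_P="2.4.81.13"   # Android O (8.1, SDK 27) and below
FIXED_P_PLUS="3.8.00.13"  # Android P (9.0, SDK 28) and above
PKG="com.samsung.android.members"

# version_lt A B -> exit 0 when A < B, comparing dot-separated numeric fields.
# A plain string compare would get "3.8.00.13" vs "3.8.0.13" or "2.4.81.x" vs
# "2.4.100.x" wrong, so each field is compared as an integer; missing fields
# count as 0.
version_lt() {
  a="$1"; b="$2"
  while [ -n "$a" ] || [ -n "$b" ]; do
    af="${a%%.*}"; bf="${b%%.*}"
    [ -z "$af" ] && af=0
    [ -z "$bf" ] && bf=0
    if [ "$af" -lt "$bf" ] 2>/dev/null; then return 0; fi
    if [ "$af" -gt "$bf" ] 2>/dev/null; then return 1; fi
    case "$a" in *.*) a="${a#*.}";; *) a="";; esac
    case "$b" in *.*) b="${b#*.}";; *) b="";; esac
  done
  return 1
}

# members_status SDK_INT VERSION_NAME -> prints "vulnerable" or "fixed",
# choosing the fixed build by the device's Android API level.
members_status() {
  sdk="$1"; ver="$2"
  if [ "$sdk" -le 27 ]; then fixed="$FIXED_PRE_P"; else fixed="$FIXED_P_PLUS"; fi
  if version_lt "$ver" "$fixed"; then echo vulnerable; else echo fixed; fi
}

# provider_lookup_failures [FILE] -> number of log lines in which
# ActivityManager reports a content provider it could not resolve
# ("Failed to find provider info for <authority>"). Reads stdin if no file.
provider_lookup_failures() {
  grep -c -E 'Failed to find provider info|ProviderNotFoundException' "$@" || true
}

# Constructed sample logcat lines (not captured from a real device).
SAMPLE_LOG='W ActivityManager: Failed to find provider info for com.example.missing.provider
I ActivityManager: Start proc 1234:com.samsung.android.members/u0a123
W ActivityManager: Failed to find provider info for com.example.missing.provider'

# Live check against a connected device; skipped when adb is not available.
device_check() {
  command -v adb >/dev/null 2>&1 || { echo "adb not found; skipping device check" >&2; return 0; }
  sdk=$(adb shell getprop ro.build.version.sdk | tr -d '\r')
  ver=$(adb shell dumpsys package "$PKG" | sed -n 's/^[[:space:]]*versionName=//p' | head -n 1 | tr -d '\r')
  [ -n "$ver" ] || { echo "Samsung Members not installed" >&2; return 0; }
  echo "SDK $sdk, Samsung Members $ver: $(members_status "$sdk" "$ver")"
}

# Dry run on constructed data; add --device to query a connected phone.
echo "SDK 27, 2.4.81.12: $(members_status 27 2.4.81.12)"
echo "SDK 28, 2.4.81.13: $(members_status 28 2.4.81.13)"
echo "unresolved provider lookups in sample log: $(printf '%s\n' "$SAMPLE_LOG" | provider_lookup_failures)"
if [ "${1:-}" = "--device" ]; then device_check; fi
```

The field-wise comparison matters because Samsung's version strings mix zero-padded and unpadded fields (3.8.00.13), so a lexical `-le` or `-lt` on the raw string is not reliable. The device check reads `versionName=` from `dumpsys package`, which is the same source the page's adb snippet uses, and `ro.build.version.sdk` to pick the correct fixed build.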
Update the Samsung Members application to version 2.4.81.13 or later if you are running Android O (8.1) or below. If you are running Android P (9.0) or above, update to version 3.8.00.13 or later. This resolves the vulnerability that allows unauthorized actions, including denial-of-service attacks.
CVE-2021-25343 is a denial-of-service vulnerability in the Samsung Members Android app, allowing unauthorized actions via provider hijacking.
You are affected if you are using Samsung Members version 3.8.00.13 or earlier on Android O (8.1) and below, or versions up to 3.8.00.13 on Android P (9.0) and above.
Upgrade the Samsung Members app to version 3.8.00.13 or later through the Google Play Store.
There is currently no evidence of CVE-2021-25343 being actively exploited in the wild.
Refer to the Samsung Security Bulletin for details: [https://security.samsung.com/sec.php?type=notice&no=113597](https://security.samsung.com/sec.php?type=notice&no=113597)