CVE 8.8 HIGH

CVE-2025-21078_CVE-2025-21078

November 5, 2025 invoker category_cve

8.8 / 10

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Description

Use of insufficiently random value of secretKey in Smart Switch prior to version 3.7.68.6 allows adjacent attackers to access backup data from applications.

AI Analysis

Adjacent attackers can access backup data due to insufficiently random secretKey in Smart Switch prior to version 3.7.68.6

Basic Information

ID CVE-2025-21078

Source SamsungMobile

Published Nov 5, 2025 at 05:41

Affected Product

Vendor Samsung Mobile

Product Smart Switch

Version 3.7.68.6

AI Assessment

AI Score 8.8 / 10

AI Severity High

Vendor Samsung Mobile

Product Smart Switch

Version 3.7.68.6

References

security.samsungmobile.com /serviceWeb.smsb

{
    "lastseen": "",
    "description": "Use of insufficiently random value of secretKey in Smart Switch prior to version 3.7.68.6 allows adjacent attackers to access backup data from applications.",
    "published": "2025-11-05T05:41:00.294Z",
    "modified": "2025-11-05T05:41:00.294Z",
    "type": "cve",
    "title": "CVE-2025-21078",
    "source": "SamsungMobile",
    "references": "https://security.samsungmobile.com/serviceWeb.smsb?year=2025&month=11",
    "id": "CVE-2025-21078",
    "bulletinFamily": "",
    "cwe": null,
    "cvelist": null,
    "sourceData": "",
    "sourceHref": "",
    "cvss": {
        "score": 8.8,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Smart Switch",
    "version": "3.7.68.6",
    "vendor": "Samsung Mobile",
    "ai_description": "Adjacent attackers can access backup data due to insufficiently random secretKey in Smart Switch prior to version 3.7.68.6",
    "ai_severity": "High",
    "ai_vendor": "Samsung Mobile",
    "ai_product": "Smart Switch",
    "ai_version": "3.7.68.6",
    "ai_score": 8.8
}

💭 Join the Security Discussion ❌ Cancel Reply