Samsung Notes up to 4.4.29.23 implicit intent

Summaryinfo

A vulnerability labeled as problematic has been found in Samsung Notes. Affected by this issue is some unknown functionality. The manipulation results in implicit intent. This vulnerability is known as CVE-2025-21036. Attacking locally is a requirement. No exploit is available. The affected component should be upgraded.

Detailsinfo

A vulnerability classified as problematic has been found in Samsung Notes. Affected is an unknown part. The manipulation with an unknown input leads to a implicit intent vulnerability. CWE is classifying the issue as CWE-927. The Android application uses an implicit intent for transmitting sensitive data to other applications. This is going to have an impact on confidentiality. CVE summarizes:

Improper access control in Samsung Notes prior to version 4.4.30.63 allows local privileged attackers to access exported note files. User interaction is required for triggering this vulnerability.

The advisory is available at security.samsungmobile.com. This vulnerability is traded as CVE-2025-21036 since 11/06/2024. The exploitability is told to be easy. Local access is required to approach this attack. Successful exploitation requires user interaction by the victim. The technical details are unknown and an exploit is not available.

Upgrading to version 4.4.30.63 eliminates this vulnerability.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Productinfo

Type

• Smartphone Operating System

Vendor

• Samsung

Name

• Notes

Version

• 2.0.02.31
• 4.2.00.22
• 4.2.04.27
• 4.3.14.39
• 4.4.15
• 4.4.21.62
• 4.4.26.71
• 4.4.29.23

License

• commercial

Website

• Vendor: https://www.samsung.com/

CPE 2.3info

• 🔒
• 🔒
• 🔒

CPE 2.2info

• 🔒
• 🔒
• 🔒

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Discussion