ID
VAR-202111-0046
CVE
CVE-2021-25509
TITLE
Samsung Flow Windows Application validation vulnerability
Trust: 0.8
sources:
JVNDB: JVNDB-2021-014725
DESCRIPTION
A missing input validation in Samsung Flow Windows application prior to Version 4.8.5.0 allows attackers to overwrite abtraty file in the Windows known folders
Trust: 1.62
sources:
NVD: CVE-2021-25509 //
JVNDB: JVNDB-2021-014725
AFFECTED PRODUCTS
| vendor: | samsung | model: | flow | scope: | lt | version: | 4.8.5.0 | Trust: 1.0 |
| vendor: | サムスン | model: | samsung flow | scope: | eq | version: | 4.8.5.0 | Trust: 0.8 |
| vendor: | サムスン | model: | samsung flow | scope: | eq | version: | - | Trust: 0.8 |
sources:
JVNDB: JVNDB-2021-014725 //
NVD: CVE-2021-25509
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
sources:
JVNDB: JVNDB-2021-014725 //
NVD: CVE-2021-25509 //
NVD: CVE-2021-25509 //
CNNVD: CNNVD-202111-478
PROBLEMTYPE DATA
| problemtype: | CWE-20 | Trust: 1.0 |
| problemtype: | Inappropriate input confirmation (CWE-20) [NVD evaluation ] | Trust: 0.8 |
sources:
JVNDB: JVNDB-2021-014725 //
NVD: CVE-2021-25509
THREAT TYPE
local
Trust: 0.6
sources:
CNNVD: CNNVD-202111-478
TYPE
input validation error
Trust: 0.6
sources:
CNNVD: CNNVD-202111-478
CONFIGURATIONS
sources:
NVD: CVE-2021-25509
PATCH
| title: | Security Updates (NOV-2021 Updates) | url: | https://security.samsungmobile.com/serviceweb.smsb?year=2021&month=11 | Trust: 0.8 |
| title: | Samsung Flow Enter the fix for the verification error vulnerability | url: | http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=170038 | Trust: 0.6 |
sources:
JVNDB: JVNDB-2021-014725 //
CNNVD: CNNVD-202111-478
EXTERNAL IDS
| db: | NVD | id: | CVE-2021-25509 | Trust: 3.2 |
| db: | JVNDB | id: | JVNDB-2021-014725 | Trust: 0.8 |
| db: | CNNVD | id: | CNNVD-202111-478 | Trust: 0.6 |
sources:
JVNDB: JVNDB-2021-014725 //
NVD: CVE-2021-25509 //
CNNVD: CNNVD-202111-478
REFERENCES
| url: | https://security.samsungmobile.com/serviceweb.smsb?year=2021&month=11 | Trust: 1.6 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2021-25509 | Trust: 1.4 |
sources:
JVNDB: JVNDB-2021-014725 //
NVD: CVE-2021-25509 //
CNNVD: CNNVD-202111-478
SOURCES
| db: | JVNDB | id: | JVNDB-2021-014725 |
| db: | NVD | id: | CVE-2021-25509 |
| db: | CNNVD | id: | CNNVD-202111-478 |
LAST UPDATE DATE
2023-12-18T12:49:01.988000+00:00
SOURCES UPDATE DATE
| db: | JVNDB | id: | JVNDB-2021-014725 | date: | 2022-10-26T03:38:00 |
| db: | NVD | id: | CVE-2021-25509 | date: | 2021-11-09T15:57:08.983 |
| db: | CNNVD | id: | CNNVD-202111-478 | date: | 2021-11-17T00:00:00 |
SOURCES RELEASE DATE
| db: | JVNDB | id: | JVNDB-2021-014725 | date: | 2022-10-26T00:00:00 |
| db: | NVD | id: | CVE-2021-25509 | date: | 2021-11-05T03:15:12.013 |
| db: | CNNVD | id: | CNNVD-202111-478 | date: | 2021-11-05T00:00:00 |