Samsung Android应用安全公告: 包含CVE-2025-20949等路径遍历及权限绕过漏洞

关键漏洞信息 Android Applications Updates CVE-2025-20949: Path traversal vulnerability in Samsung Members - Severity: Moderate - Resolved version: 5.0.00.11 - Reported on: April 20, 2024 CVE-2025-20965: Improper handling of insufficient permission in Bixby wakeup - Severity: Moderate - Resolved version: 2.3.74.8 - Reported on: May 9, 2024 CVE-2025-20965: Improper access control in Samsung Gallery - Severity: High - Resolved version: 14.5.10.3 in Global Android 13, 14.5.09.3 in China Android 13, and 15.5.04.5 in Android 14 - Reported on: May 24, 2024 CVE-2025-20967: Improper access control in Samsung Gallery - Severity: Moderate - Resolved version: 14.5.10.3 in Global Android 13, 14.5.09.3 in China Android 13, and 15.5.04.5 in Android 14 - Reported on: June 26, 2024 CVE-2025-20968: Improper access control in Samsung Gallery - Severity: Moderate - Resolved version: 14.5.10.3 in Global Android 13, 14.5.09.3 in China Android 13, and 15.5.04.5 in Android 14 - Reported on: August 7, 2024 CVE-2025-20969: Improper input validation in Samsung Gallery - Severity: Moderate - Resolved version: 14.5.10.3 in Global Android 13, 14.5.09.3 in China Android 13, and 15.5.04.5 in Android 14 - Reported on: August 8, 2024 CVE-2025-20970: Improper access control in Bixby Vision - Severity: Moderate - Resolved version: 3.8.3.1 in Android 13, 3.8.3 in Android 14, 3.8.21 in Android 15 - Reported on: December 8, 2024 CVE-2025-20971: Improper input validation in Samsung Flow - Severity: Moderate - Resolved version: 4.9.17.6 - Reported on: December 8, 2024 CVE-2025-20972: Improper verification of intent by broadcast receiver in Samsung Flow - Severity: Moderate - Resolved version: 4.9.17.6 - Reported on: December 22, 2024 CVE-2025-20973: Improper authentication in Secure Folder - Severity: High - Resolved version: 1.8.12.0 in Android 13, and 1.9.21.00 in Android 14 - Reported on: January 18, 2025 CVE-2025-20974: Improper handling of insufficient permission in PackageInstallerCN - Severity: Moderate - Resolved version: 15.0.7.10 - Reported on: January 24, 2025 CVE-2025-20975: Improper Export of Android Application Components in AODService - Severity: Moderate - Resolved version: 8.8.28.12 - Reported on: February 18, 2025 CVE-2025-20976: Out-of-bounds read in Samsung Notes - Severity: Moderate - Resolved version: 4.4.29.23 - Reported on: February 26, 2025 CVE-2025-20977: Use of implicit intent for sensitive communication in translation in Samsung Notes - Severity: Moderate - Resolved version: 4.4.29.23 - Reported on: March 5, 2025 CVE-2025-20978: Improper access control in PENUP - Severity: Moderate - Resolved version: 3.919.32 - Reported on: March 5, 2025 Other Software Updates CVE-2025-20979: Out-of-bounds write in libsvscmmn - Severity: Moderate - Resolved version: Android 15 - Reported on: April 28, 2025 CVE-2025-20980: Out-of-bounds write in libsvscmmn - Severity: Moderate - Resolved version: Android 15 - Reported on: April 28, 2025

目标达成 感谢每一位支持者 — 我们达成了 100% 目标！

Samsung Android应用安全公告: 包含CVE-2025-20949等路径遍历及权限绕过漏洞

目标达成感谢每一位支持者 — 我们达成了 100% 目标！