关键漏洞信息 SEP-2025 Updates Android Applications Updates SVE-2025-04642 (CVE-2025-21037): Improper access control in Samsung Notes - Severity: High - Resolved version: 4.4.30.65 - Reported on: April 24, 2025 - Description: Allows physical attackers to access data across multiple user profiles. - Patch: Adds proper access control. SVE-2025-0479 (CVE-2025-21040): Improper verification of intent by ExternalBroadcastReceiver in S Assistant - Severity: Moderate - Resolved version: 9.3.2 - Reported on: April 26, 2025 - Description: Allows local attackers to modify itinerary information. - Patch: Adds proper verification. SVE-2025-0311 (CVE-2025-21036): Improper access control in Samsung Notes - Severity: Moderate - Resolved version: 4.4.30.65 - Reported on: February 28, 2025 - Description: Allows local privileged attackers to access exported note files. - Patch: Adds proper access control. SVE-2024-1751 (CVE-2025-21035): Improper access control in Samsung Calendar - Severity: High - Resolved version: 12.5.06.5 in Android 14 and 12.6.01.12 in Android 15 - Reported on: September 6, 2024 - Description: Allows physical attackers to access data across multiple user profiles. - Patch: Adds proper access control. SVE-2025-0677 (CVE-2025-21038): Improper verification of intent by SamsungExceptionalBroadcastReceiver in S Assistant - Severity: Moderate - Resolved version: 9.3.2 - Reported on: April 25, 2025 - Description: Allows local attackers to modify itinerary information. - Patch: Adds proper verification. SVE-2025-0678 (CVE-2025-21039): Improper verification of intent by SystemExceptionalBroadcastReceiver in S Assistant - Severity: Moderate - Resolved version: 9.3.2 - Reported on: April 26, 2025 - Description: Allows local attackers to modify itinerary information. - Patch: Adds proper verification. Other Software Updates SVE-2024-2258 (CVE-2025-21041): Insecure Storage of Sensitive Information in Secure Folder - Severity: Moderate - Resolved version: Android 16 - Reported on: December 11, 2024 - Description: Allows local attackers to access sensitive information. - Patch: Adds proper access control.