{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2025-20969","assignerOrgId":"3af57064-a867-422c-b2ad-40307b65c458","state":"PUBLISHED","assignerShortName":"SamsungMobile","dateReserved":"2024-11-06T02:30:14.867Z","datePublished":"2025-05-07T08:24:24.722Z","dateUpdated":"2025-05-07T15:51:19.190Z"},"containers":{"cna":{"problemTypes":[{"descriptions":[{"lang":"en","description":"CWE-20: Improper Input Validation"}]}],"affected":[{"vendor":"Samsung Mobile","product":"Samsung Gallery","versions":[{"status":"unaffected","version":"14.5.10.3 in Global Android 13, 14.5.09.3 in China Android 13, and 15.5.04.5 in Android 14"}],"defaultStatus":"affected"}],"descriptions":[{"lang":"en","value":"Improper input validation in Samsung Gallery prior to version 14.5.10.3 in Global Android 13, 14.5.09.3 in China Android 13, and 15.5.04.5 in Android 14 allows local attackers to access data within Samsung Gallery."}],"references":[{"url":"https://security.samsungmobile.com/serviceWeb.smsb?year=2025&month=05"}],"metrics":[{"format":"CVSS","cvssV3_1":{"version":"3.1","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE","baseSeverity":"MEDIUM","baseScore":5.5,"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}}],"providerMetadata":{"orgId":"3af57064-a867-422c-b2ad-40307b65c458","shortName":"SamsungMobile","dateUpdated":"2025-05-07T08:24:24.722Z"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2025-05-07T15:49:24.426858Z","id":"CVE-2025-20969","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-05-07T15:51:19.190Z"}}]}}