{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2025-20977","assignerOrgId":"3af57064-a867-422c-b2ad-40307b65c458","state":"PUBLISHED","assignerShortName":"SamsungMobile","dateReserved":"2024-11-06T02:30:14.870Z","datePublished":"2025-05-07T08:24:34.627Z","dateUpdated":"2025-05-07T14:06:03.881Z"},"containers":{"cna":{"problemTypes":[{"descriptions":[{"lang":"en","description":"CWE-927: Use of Implicit Intent for Sensitive Communication"}]}],"affected":[{"vendor":"Samsung Mobile","product":"Samsung Notes","versions":[{"status":"unaffected","version":"4.4.29.23"}],"defaultStatus":"affected"}],"descriptions":[{"lang":"en","value":"Use of implicit intent for sensitive communication in translation in Samsung Notes prior to version 4.4.29.23 allows local attackers to get sensitive information. User interaction is required for triggering this vulnerability."}],"references":[{"url":"https://security.samsungmobile.com/serviceWeb.smsb?year=2025&month=05"}],"metrics":[{"format":"CVSS","cvssV3_1":{"version":"3.1","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE","baseSeverity":"LOW","baseScore":3.3,"vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"}}],"providerMetadata":{"orgId":"3af57064-a867-422c-b2ad-40307b65c458","shortName":"SamsungMobile","dateUpdated":"2025-05-07T08:24:34.627Z"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2025-05-07T14:03:42.790012Z","id":"CVE-2025-20977","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-05-07T14:06:03.881Z"}}]}}