{"cve":{"cve_id":"CVE-2021-25381","is_kev":false,"kev_date_added":null,"kev_vendor_project":null,"kev_product":null,"kev_vulnerability_name":null,"kev_short_description":null,"kev_required_action":null,"kev_due_date":null,"kev_known_ransomware":null,"kev_notes":null,"kev_cwes":null,"epss_score":0.00213,"epss_percentile":0.11416,"epss_as_of":"2026-06-23","description":"Using unsafe PendingIntent in Samsung Account in versions 10.8.0.4 in Android P(9.0) and below, and 12.1.1.3 in Android Q(10.0) and above allows local attackers to perform unauthorized action without permission via hijacking the PendingIntent.","published_at":"2021-04-09T17:40:41Z","last_modified_at":null,"cvss_v3_score":5.5,"cvss_v3_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss_v3_severity":"MEDIUM","cvss_v4_score":null,"cvss_v4_vector":null,"cvss_v4_severity":null,"ssvc_decision":null,"ssvc_exploitation":null,"ssvc_automatable":null,"ssvc_technical_impact":null,"cwes":["CWE-285"],"nvd_references":["https://security.samsungmobile.com/","https://security.samsungmobile.com/serviceWeb.smsb"],"vuln_status":null,"trending_score":null,"is_trending":false,"has_trended":false,"trended_number_one":false,"trending_peak_score":null,"trending_peak_rank":null,"started_trending_at":null,"trended_number_one_at":null,"summary_generated":null,"summary_generated_at":null,"summary_model":null,"created_at":"2026-06-24T00:09:39.878444Z","updated_at":"2026-06-28T23:15:14.945103Z"},"effective_severity":"MEDIUM","badges":[],"impact_analysis":[],"cvss_v3_decoded":{"version":"3.1","metrics":[{"metric":"AV","name":"Attack Vector","value":"L","value_label":"Local"},{"metric":"AC","name":"Attack Complexity","value":"L","value_label":"Low"},{"metric":"PR","name":"Privileges Required","value":"L","value_label":"Low"},{"metric":"UI","name":"User Interaction","value":"N","value_label":"None"},{"metric":"S","name":"Scope","value":"U","value_label":"Unchanged"},{"metric":"C","name":"Confidentiality","value":"H","value_label":"High"},{"metric":"I","name":"Integrity","value":"N","value_label":"None"},{"metric":"A","name":"Availability","value":"N","value_label":"None"}]},"cvss_v4_decoded":{"version":null,"metrics":[]},"affected":[{"vendor_slug":"samsung-mobile","vendor_name":"Samsung Mobile","product_slug":"samsung-account","product_name":"Samsung Account","version_start":"Android P(9.0) and below","version_start_inclusive":true,"version_end":"10.8.0.4","version_end_inclusive":false,"cpe23_uri":"cve5:samsung-mobile:samsung-account:Android P(9.0) and below:10.8.0.4"},{"vendor_slug":"samsung-mobile","vendor_name":"Samsung Mobile","product_slug":"samsung-account","product_name":"Samsung Account","version_start":"Android Q(10.0) and above","version_start_inclusive":true,"version_end":"12.1.1.3","version_end_inclusive":false,"cpe23_uri":"cve5:samsung-mobile:samsung-account:Android Q(10.0) and above:12.1.1.3"}],"exploit_refs":[],"news":[],"references":[{"url":"https://security.samsungmobile.com/","source_type":"MISC","tags":[]},{"url":"https://security.samsungmobile.com/serviceWeb.smsb","source_type":"MISC","tags":[]}],"timeline":[{"type":"published","at":"2021-04-09T17:40:41Z","label":"CVE published","source":null},{"type":"cvss_changed","at":"2026-06-28T17:05:36.865152Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:05:36.865152Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:05:36.865152Z","label":"CVSS score revised","source":"cvelistv5"}]}