{"cve":{"cve_id":"CVE-2021-25438","is_kev":false,"kev_date_added":null,"kev_vendor_project":null,"kev_product":null,"kev_vulnerability_name":null,"kev_short_description":null,"kev_required_action":null,"kev_due_date":null,"kev_known_ransomware":null,"kev_notes":null,"kev_cwes":null,"epss_score":0.01707,"epss_percentile":0.74315,"epss_as_of":"2026-06-23","description":"Improper access control vulnerability in Samsung Members prior to versions 2.4.85.11 in Android O(8.1) and below, and 3.9.10.11 in Android P(9.0) and above allows untrusted applications to cause local file inclusion in webview.","published_at":"2021-07-08T13:47:18Z","last_modified_at":null,"cvss_v3_score":null,"cvss_v3_vector":null,"cvss_v3_severity":null,"cvss_v4_score":null,"cvss_v4_vector":null,"cvss_v4_severity":null,"ssvc_decision":null,"ssvc_exploitation":null,"ssvc_automatable":null,"ssvc_technical_impact":null,"cwes":["CWE-284"],"nvd_references":["https://security.samsungmobile.com/serviceWeb.smsb?year=2021&month=7"],"vuln_status":null,"trending_score":null,"is_trending":false,"has_trended":false,"trended_number_one":false,"trending_peak_score":null,"trending_peak_rank":null,"started_trending_at":null,"trended_number_one_at":null,"summary_generated":null,"summary_generated_at":null,"summary_model":null,"created_at":"2026-06-24T00:09:39.878444Z","updated_at":"2026-06-28T23:15:15.537358Z"},"effective_severity":null,"badges":[],"impact_analysis":[],"cvss_v3_decoded":{"version":null,"metrics":[]},"cvss_v4_decoded":{"version":null,"metrics":[]},"affected":[{"vendor_slug":"samsung-mobile","vendor_name":"Samsung Mobile","product_slug":"samsung-members","product_name":"Samsung Members","version_start":null,"version_start_inclusive":true,"version_end":"2.4.85.11 in Android O(8.1) and below, and 3.9.10.11 in Android P(9.0) and above","version_end_inclusive":false,"cpe23_uri":"cve5:samsung-mobile:samsung-members:*:2.4.85.11 in Android O(8.1) and below, and 3.9.10.11 in Android P(9.0) and above"}],"exploit_refs":[],"news":[],"references":[{"url":"https://security.samsungmobile.com/serviceWeb.smsb?year=2021&month=7","source_type":"MISC","tags":[]}],"timeline":[{"type":"published","at":"2021-07-08T13:47:18Z","label":"CVE published","source":null}]}