{"cve":{"cve_id":"CVE-2025-20970","is_kev":false,"kev_date_added":null,"kev_vendor_project":null,"kev_product":null,"kev_vulnerability_name":null,"kev_short_description":null,"kev_required_action":null,"kev_due_date":null,"kev_known_ransomware":null,"kev_notes":null,"kev_cwes":null,"epss_score":0.00124,"epss_percentile":0.0248,"epss_as_of":"2026-06-23","description":"Improper access control in Bixby Vision prior to version 3.8.1 in Android 13, 3.8.3 in Android 14, 3.8.21 in Android 15 allows local attackers to access image files with Bixby Vision privilege.","published_at":"2025-05-07T08:24:25.907000Z","last_modified_at":null,"cvss_v3_score":6.2,"cvss_v3_vector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","cvss_v3_severity":"MEDIUM","cvss_v4_score":null,"cvss_v4_vector":null,"cvss_v4_severity":null,"ssvc_decision":null,"ssvc_exploitation":null,"ssvc_automatable":null,"ssvc_technical_impact":null,"cwes":null,"nvd_references":["https://security.samsungmobile.com/serviceWeb.smsb?year=2025&month=05"],"vuln_status":null,"trending_score":null,"is_trending":false,"has_trended":false,"trended_number_one":false,"trending_peak_score":null,"trending_peak_rank":null,"started_trending_at":null,"trended_number_one_at":null,"summary_generated":null,"summary_generated_at":null,"summary_model":null,"created_at":"2026-06-24T00:09:39.878444Z","updated_at":"2026-06-28T23:25:38.395576Z"},"effective_severity":"MEDIUM","badges":[],"impact_analysis":[],"cvss_v3_decoded":{"version":"3.1","metrics":[{"metric":"AV","name":"Attack Vector","value":"L","value_label":"Local"},{"metric":"AC","name":"Attack Complexity","value":"L","value_label":"Low"},{"metric":"PR","name":"Privileges Required","value":"N","value_label":"None"},{"metric":"UI","name":"User Interaction","value":"N","value_label":"None"},{"metric":"S","name":"Scope","value":"U","value_label":"Unchanged"},{"metric":"C","name":"Confidentiality","value":"N","value_label":"None"},{"metric":"I","name":"Integrity","value":"H","value_label":"High"},{"metric":"A","name":"Availability","value":"N","value_label":"None"}]},"cvss_v4_decoded":{"version":null,"metrics":[]},"affected":[{"vendor_slug":"samsung-mobile","vendor_name":"Samsung Mobile","product_slug":"bixby-vision","product_name":"Bixby Vision","version_start":"3.8.1 in Android 13, 3.8.3 in Android 14, 3.8.21 in Android 15","version_start_inclusive":true,"version_end":"3.8.1 in Android 13, 3.8.3 in Android 14, 3.8.21 in Android 15","version_end_inclusive":true,"cpe23_uri":"cve5:samsung-mobile:bixby-vision:3.8.1 in Android 13, 3.8.3 in Android 14, 3.8.21 in Android 15:3.8.1 in Android 13, 3.8.3 in Android 14, 3.8.21 in Android 15"}],"exploit_refs":[],"news":[],"references":[{"url":"https://security.samsungmobile.com/serviceWeb.smsb?year=2025&month=05","source_type":"MISC","tags":[]}],"timeline":[{"type":"published","at":"2025-05-07T08:24:25.907000Z","label":"CVE published","source":null},{"type":"cvss_changed","at":"2026-06-28T17:42:56.358585Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:42:56.358585Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:42:56.358585Z","label":"CVSS score revised","source":"cvelistv5"}]}