CVE-2021-25414

7.8 HIGH

📋 TL;DR

CVE-2021-25414 is a vulnerability in Samsung Contacts that allows local attackers to copy or overwrite arbitrary files due to improper intent sanitization. This enables attackers to manipulate files with Samsung Contacts application privileges. Affected users are those with Samsung devices running vulnerable versions of the Contacts app prior to the June 2021 security update.

💻 Affected Systems

Products:
  • Samsung Contacts
Versions: prior to SMR JUN-2021 Release 1
Operating Systems: Android (Samsung devices)
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects Samsung devices with the vulnerable Contacts app version; other Android devices are not affected.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers could overwrite critical system files, potentially leading to device compromise, data loss, or privilege escalation.

🟠 Likely Case

Local attackers could copy sensitive files or overwrite user data, leading to information disclosure or data corruption.

🟢 If Mitigated

With proper patching, the vulnerability is eliminated; with proper app sandboxing, impact is limited to Contacts app data.

🌐 Internet-Facing: LOW - This is a local vulnerability requiring physical or local access to the device.
🏢 Internal Only: MEDIUM - Malicious apps or users with local access could exploit this vulnerability.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires local access; proof-of-concept details are available in public security blogs.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: SMR JUN-2021 Release 1 or later

Vendor Advisory: https://security.samsungmobile.com/securityUpdate.smsb?year=2021&month=6

Restart Required: Yes

Instructions:

1. Go to Settings > Software update on the Samsung device.
2. Download and install the June 2021 security update.
3. Restart the device after installation completes.

🔧 Temporary Workarounds

Disable Samsung Contacts (Android)

Temporarily disable the vulnerable Contacts app to prevent exploitation:

adb shell pm disable-user --user 0 com.samsung.android.app.contacts

🧯 If You Can't Patch

  • Restrict physical access to devices and monitor for suspicious local activity
  • Use mobile device management (MDM) to control app installations and permissions

🔍 How to Verify

Check if Vulnerable:

Check Contacts app version in Settings > Apps > Samsung Contacts > App info

Check Version:

adb shell dumpsys package com.samsung.android.app.contacts | grep versionName

Verify Fix Applied:

Verify device has June 2021 security patch installed in Settings > About phone > Software information
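As an added example (not part of this advisory), the shell script below automates the two checks above over adb: it reads the device's Android security patch level from the `ro.build.version.security_patch` system property, compares it with the June 2021 level, and reports whether the Samsung Contacts package is currently disabled. The assumption that SMR JUN-2021 Release 1 corresponds to patch level `2021-06-01` is labelled in the code; the device serial and the `--check` flag are conventions of this script, not of the vendor.

```shell
#!/bin/sh
# Added example, not from the advisory: verify CVE-2021-25414 fix status via adb.
# Usage: ./check_cve_2021_25414.sh --check [DEVICE_SERIAL]

# Assumption: SMR JUN-2021 Release 1 ships with Android security patch level 2021-06-01.
FIXED_PATCH="2021-06-01"
CONTACTS_PKG="com.samsung.android.app.contacts"

# patch_is_fixed LEVEL
#   returns 0 if LEVEL (YYYY-MM-DD) is at or after FIXED_PATCH,
#   1 if it is older, 2 if the value is empty or malformed.
patch_is_fixed() {
    level="$1"
    case "$level" in
        [0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]) ;;
        *) return 2 ;;
    esac
    # Strip the dashes so the two dates compare as plain integers (YYYYMMDD).
    lvl_num=$(printf '%s' "$level" | tr -d -)
    fix_num=$(printf '%s' "$FIXED_PATCH" | tr -d -)
    [ "$lvl_num" -ge "$fix_num" ]
}

# adb_shell SERIAL CMD... : run a shell command on the device, stripping CRs.
adb_shell() {
    serial="$1"; shift
    if [ -n "$serial" ]; then
        adb -s "$serial" shell "$@" 2>/dev/null | tr -d '\r'
    else
        adb shell "$@" 2>/dev/null | tr -d '\r'
    fi
}

# check_device SERIAL : print a verdict; exit status mirrors patch_is_fixed.
check_device() {
    serial="$1"
    level=$(adb_shell "$serial" getprop ro.build.version.security_patch)
    version=$(adb_shell "$serial" dumpsys package "$CONTACTS_PKG" | grep versionName | head -n 1 | sed 's/^ *//')
    disabled=$(adb_shell "$serial" pm list packages -d | grep -c "^package:$CONTACTS_PKG$")

    echo "Security patch level : ${level:-<unavailable>}"
    echo "Contacts package     : ${version:-<not found>}"
    if [ "$disabled" -gt 0 ]; then
        echo "Contacts state       : disabled (workaround in place)"
    else
        echo "Contacts state       : enabled"
    fi

    patch_is_fixed "$level"
    rc=$?
    case "$rc" in
        0) echo "Verdict: patch level >= $FIXED_PATCH, CVE-2021-25414 fix present" ;;
        1) echo "Verdict: patch level < $FIXED_PATCH, device still VULNERABLE; install the June 2021 update" ;;
        *) echo "Verdict: could not read patch level (device not connected or adb unauthorized?)" ;;
    esac
    return "$rc"
}

# Only talk to a device when explicitly asked, so the functions can be sourced or tested offline.
if [ "${1:-}" = "--check" ]; then
    check_device "${2:-}"
fi
```

Because the patch level is a plain ISO date, comparing it numerically is enough; the script deliberately does not parse Samsung's "SMR" naming, since only the patch-level string is exposed through `getprop`. A non-zero exit status makes the script usable from an MDM or fleet-inventory job that flags unpatched devices.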

📡 Detection & Monitoring

Log Indicators:

  • Unusual file operations by Contacts app
  • Intent handling errors in system logs

Network Indicators:

  • Not applicable - local vulnerability

SIEM Query:

Not applicable for typical enterprise monitoring
