CVE-2025-20965

6.2 MEDIUM

📋 TL;DR

This vulnerability in the Bixby wakeup component on Samsung devices lets a local attacker (a malicious app already installed, or someone with hands-on access to an unlocked device) bypass the component's permission checks and read data it should not be able to access. It affects Samsung devices running Bixby wakeup versions prior to 2.3.74.8. It cannot be triggered remotely; code execution or a shell on the device is a precondition.

💻 Affected Systems

Products:
  • Samsung devices with Bixby wakeup feature
Versions: Bixby versions prior to 2.3.74.8
Operating Systems: Android (Samsung devices)
Default Config Vulnerable: ⚠️ Yes
Notes: Affects Samsung smartphones and tablets with Bixby enabled. Exact device models not specified in advisory.

📦 What is this software?

Bixby is Samsung's voice assistant, preloaded on Galaxy phones and tablets. The Bixby wakeup component is the always-listening part that detects the wake word ("Hi, Bixby") and hands control to the assistant. It is a separate package from the Android OS and is updated through the Galaxy Store rather than through firmware updates, which is why the fix below is an app update and not a security maintenance release.

⚠️ Risk & Real-World Impact

🔴

Worst Case

A malicious app or local user reads sensitive data held by the Bixby wakeup component. Samsung's advisory does not enumerate what that data is; for a voice-assistant component, plan for captured audio and account or device identifiers rather than assuming it is limited to settings.

🟠

Likely Case

A local user or a malicious app with only ordinary permissions reads Bixby data it should not be able to see, compromising user privacy.

🟢

If Mitigated

Attack fails due to proper access controls or device being patched, with no data exposure.

🌐 Internet-Facing: LOW - This is a local vulnerability; the attacker must already have code running on the device or hands-on access to it.
🏢 Internal Only: MEDIUM - On managed fleets, a sideloaded or compromised app, or an insider with an unlocked device in hand, could use this to read data from the Bixby component.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Requires code running on the device (for example a malicious app) or hands-on access. Samsung's advisory gives no technical detail beyond the permission-check bypass in the wakeup component, so the exact trigger is not public; the LOW complexity rating reflects the CVSS vector, not a known exploit.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Bixby version 2.3.74.8 or later

Vendor Advisory: https://security.samsungmobile.com/serviceWeb.smsb?year=2025&month=05

Restart Required: Yes

Instructions:

1. Open Samsung Galaxy Store.
2. Search for Bixby updates.
3. Install the Bixby update to version 2.3.74.8 or later.
4. Restart the device after the update.

🔧 Temporary Workarounds

Disable Bixby wakeup (platform: android)

Temporarily turn off voice wake-up in the Bixby app's settings so the wakeup component is not actively running. This reduces exposure but is not a substitute for the patch: the component stays installed, and whether the flawed permission check is reachable while wake-up is off is not stated in the advisory.

Restrict physical access (platform: all)

Keep devices locked with a strong screen lock and physically secured. This only addresses the hands-on attacker; it does nothing against a malicious app that is already installed.

🧯 If You Can't Patch

  • Disable the Bixby voice wake-up feature in the Bixby app's settings
  • Enforce a strong screen lock and physical security controls for vulnerable devices
  • Restrict app installation (block sideloading, allow-list apps via MDM) so untrusted code does not reach the device in the first place

🔍 How to Verify

Check if Vulnerable:

Check the version in Settings > Apps > Bixby > App info; the version string is shown at the bottom of the App info page. On some One UI versions the wakeup component is listed separately as Bixby Wakeup and may be hidden until "Show system apps" is enabled. A version below 2.3.74.8 is vulnerable.

Check Version:

There is no on-device command for end users. With USB debugging enabled, the versionName of the Bixby wakeup package can be read from dumpsys package output over adb; otherwise use the settings UI.

Verify Fix Applied:

Confirm Bixby version is 2.3.74.8 or higher after update
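A scripted form of this check, added here and not taken from Samsung or the advisory: it compares a Bixby wakeup versionName against 2.3.74.8 component by component (a plain string comparison would rank 2.3.9.x above 2.3.74.x), and, when adb and a USB-debugging-enabled device are present, reads the installed version from dumpsys package. The package name com.samsung.android.bixby.wakeup is an assumption based on Samsung's usual naming; confirm it with adb shell pm list packages before relying on it.

```shell
#!/bin/sh
# Added example (not Samsung's tooling): is the installed Bixby wakeup
# component below the fixed version for CVE-2025-20965?

FIXED_VERSION="2.3.74.8"
# Assumed package name of the Bixby wakeup component; verify on your device.
BIXBY_WAKEUP_PKG="com.samsung.android.bixby.wakeup"

# version_lt A B: exit 0 if dotted version A is strictly lower than B.
# Components are compared numerically; missing trailing components count as 0,
# so "2.3.74" < "2.3.74.8" and "2.3.9.9" < "2.3.74.8".
version_lt() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        na = split(a, x, "."); nb = split(b, y, ".")
        n = (na > nb) ? na : nb
        for (i = 1; i <= n; i++) {
            xi = (i <= na) ? x[i] + 0 : 0
            yi = (i <= nb) ? y[i] + 0 : 0
            if (xi < yi) exit 0
            if (xi > yi) exit 1
        }
        exit 1
    }'
}

# assess_version VERSION: prints a verdict; returns 1 if vulnerable, 0 if patched.
assess_version() {
    if version_lt "$1" "$FIXED_VERSION"; then
        echo "vulnerable: Bixby wakeup $1 is below $FIXED_VERSION"
        return 1
    fi
    echo "patched: Bixby wakeup $1 is at or above $FIXED_VERSION"
    return 0
}

# installed_version: versionName of the package via adb (empty if not found).
# dumpsys package prints a line of the form "    versionName=2.3.74.8".
installed_version() {
    adb shell dumpsys package "$BIXBY_WAKEUP_PKG" 2>/dev/null \
        | sed -n 's/^[[:space:]]*versionName=//p' | head -n 1 | tr -d '\r'
}

# Only talk to a device when adb is actually available.
if command -v adb >/dev/null 2>&1; then
    v=$(installed_version)
    if [ -z "$v" ]; then
        echo "package $BIXBY_WAKEUP_PKG not found; check Settings > Apps > Bixby > App info"
    else
        assess_version "$v" || true   # verdict already printed
    fi
fi
```

The numeric, per-component comparison is the point: Bixby version strings have four fields and the third field reaches two digits, so lexical sorting (including sort -V on some platforms with unusual inputs) is not something to trust for a go/no-go decision.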

📡 Detection & Monitoring

Log Indicators:

  • Android does not log "unauthorized wakeup attempts" as such; what is observable are permission failures naming Bixby packages: ActivityManager "Permission Denial" lines and SecurityException stack traces in logcat
  • Third-party processes (not system or Samsung packages) that are refused access to, or successfully interact with, the Bixby wakeup component; note the calling uid and package

Network Indicators:

  • None - local vulnerability only

SIEM Query:

Most fleets do not forward logcat to a SIEM, so this is mainly an incident-triage query over a capture pulled with adb logcat: match entries that carry "Permission Denial" or "SecurityException" and reference a Bixby package name, then pivot on the calling uid or package. Absence of such entries does not prove absence of exploitation, since a successful bypass by definition produces no denial.
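An added triage script, not part of the original page or of any Samsung tooling, showing what the query above amounts to when run over a logcat capture: keep only lines that carry an Android permission failure and name a Bixby package, count them, and extract the calling uids. The sample lines are constructed for illustration; the third-party package names and the permission name in them are placeholders, and the string that actually matters is the "Permission Denial" prefix ActivityManager emits when a permission check fails.

```shell
#!/bin/sh
# Added example: triage a logcat capture for permission failures that
# involve Bixby components. Functions read logcat text on stdin, so on a
# device they can be fed with: adb logcat -d | bixby_denials

# Assumed package-name prefix shared by Bixby components on Samsung devices.
BIXBY_PKG_PATTERN='com\.samsung\.android\.bixby'

# bixby_denials: lines with an Android permission failure that name a Bixby
# package. "Permission Denial" is ActivityManager's prefix for a failed
# permission check; SecurityException covers the caller-side stack trace.
bixby_denials() {
    grep -E 'Permission Denial|SecurityException' | grep -E "$BIXBY_PKG_PATTERN"
}

# bixby_denial_count: number of such lines.
bixby_denial_count() {
    bixby_denials | wc -l | tr -d ' '
}

# bixby_denial_uids: distinct "uid=NNNN" tokens from those lines, i.e. which
# callers were refused. A uid outside the system/Samsung range that keeps
# probing Bixby is the thing to chase.
bixby_denial_uids() {
    bixby_denials | grep -oE 'uid=[0-9]+' | sort -u
}

# Constructed sample capture (not real device output). Package names under
# com.example and the permission name are placeholders.
sample_log() {
    cat <<'EOF'
03-12 09:14:02.113  1234  1456 W ActivityManager: Permission Denial: opening provider com.samsung.android.bixby.wakeup.provider from ProcessRecord{a1b2c3 9876:com.example.sideloaded/u0a311} (pid=9876, uid=10311) requires com.samsung.android.bixby.permission.PLACEHOLDER
03-12 09:14:02.120  9876  9876 E AndroidRuntime: java.lang.SecurityException: Permission Denial: reading com.samsung.android.bixby.wakeup.provider uri content://com.samsung.android.bixby.wakeup/settings from pid=9876, uid=10311
03-12 09:14:05.401  1234  1456 W ActivityManager: Permission Denial: broadcasting Intent { act=android.intent.action.BOOT_COMPLETED } from com.example.other (pid=4321, uid=10200)
03-12 09:14:07.002  2222  2222 I BixbyWakeup: wakeup engine initialised
EOF
}

# Run against the sample: only the two Bixby-related denials survive; the
# unrelated BOOT_COMPLETED denial and the informational line are dropped.
echo "bixby-related permission failures: $(sample_log | bixby_denial_count)"
sample_log | bixby_denial_uids
```

Both filters are deliberately loose (any Bixby package, any permission failure) because the advisory does not say which permission or which interface is involved; tighten the pattern once you know which component the fixed version touched on your builds.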
