CVE-2025-20967
📋 TL;DR
This vulnerability allows attackers to read and write arbitrary files with Samsung Gallery's privileges due to improper access control. It affects Samsung Gallery on Android 13 and 14 devices before specific patched versions. Attackers could potentially access sensitive user data or modify files.
💻 Affected Systems
- Samsung Gallery
📦 What is this software?
Gallery by Samsung
⚠️ Risk & Real-World Impact
Worst Case
Complete compromise of user's personal data including photos, documents, and other files accessible to Samsung Gallery, potentially leading to data theft, ransomware deployment, or device takeover.
Likely Case
Unauthorized access to user's photo gallery and related files, potential exfiltration of sensitive images or documents stored in accessible locations.
If Mitigated
Limited impact if proper app sandboxing and file permission controls are enforced, restricting access to only app-specific directories.
🎯 Exploit Status
Requires malicious app installation or physical access to device. Exploitation likely involves crafting specific intents or file operations to bypass access controls.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 14.5.10.3 for Global Android 13, 14.5.09.3 for China Android 13, 15.5.04.5 for Android 14
Vendor Advisory: https://security.samsungmobile.com/serviceWeb.smsb?year=2025&month=05
Restart Required: No
Instructions:
1. Open Galaxy Store or Google Play Store on the Samsung device.
2. Search for Samsung Gallery updates.
3. Update to the latest version.
4. Alternatively, enable auto-updates for system apps in device settings.
🔧 Temporary Workarounds
Disable Samsung Gallery
Android: Temporarily disable the vulnerable app until patched
adb shell pm disable-user --user 0 com.sec.android.gallery3d
Restrict app permissions
Android: Revoke unnecessary permissions from Samsung Gallery
🧯 If You Can't Patch
- Use alternative gallery apps and disable Samsung Gallery
- Enable enhanced security settings and avoid installing untrusted apps
🔍 How to Verify
Check if Vulnerable:
Check Samsung Gallery version in Settings > Apps > Samsung Gallery > App info
Check Version:
adb shell dumpsys package com.sec.android.gallery3d | grep versionName
Verify Fix Applied:
Verify Samsung Gallery version is equal to or higher than patched versions: 14.5.10.3 (Global Android 13), 14.5.09.3 (China Android 13), or 15.5.04.5 (Android 14)
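As an added example (not part of this advisory), the POSIX shell script below parses the versionName from the dumpsys output above and compares it field by field against the three patched versions listed, so that 14.5.09.3 is correctly treated as lower than 14.5.10.3. The dumpsys text is constructed, and reading the Android release from ro.build.version.release to pick the right threshold is an assumption about how you would apply it on a real device.

```shell
#!/bin/sh
# Added example, not part of the advisory: parse the versionName that
# "adb shell dumpsys package com.sec.android.gallery3d" prints and compare
# it against the patched versions the advisory lists.

# Patched versions, copied from the advisory
PATCHED_A13_GLOBAL="14.5.10.3"
PATCHED_A13_CHINA="14.5.09.3"
PATCHED_A14="15.5.04.5"

# Constructed sample of dumpsys output (not captured from a real device);
# on a device you would pipe the real command output in instead.
SAMPLE_DUMPSYS='Packages:
  Package [com.sec.android.gallery3d] (constructed):
    userId=10123
    versionCode=1450100030 minSdk=33 targetSdk=34
    versionName=14.5.10.3
    splits=[base]'

# parse_version_name TEXT -> prints the first versionName= value found
parse_version_name() {
    printf '%s\n' "$1" | sed -n 's/^[[:space:]]*versionName=//p' | head -n 1
}

# to_int FIELD -> prints FIELD as a decimal integer (drops leading zeros,
# so the "09" in 14.5.09.3 compares as 9, and an empty field becomes 0)
to_int() {
    n=$(printf '%s' "$1" | sed 's/^0*//')
    printf '%s' "${n:-0}"
}

# version_ge A B -> exit 0 if dotted version A >= B, compared field by field
version_ge() {
    a="$1"; b="$2"
    while [ -n "$a" ] || [ -n "$b" ]; do
        fa=$(to_int "${a%%.*}")
        fb=$(to_int "${b%%.*}")
        [ "$fa" -gt "$fb" ] && return 0
        [ "$fa" -lt "$fb" ] && return 1
        case "$a" in *.*) a="${a#*.}" ;; *) a="" ;; esac
        case "$b" in *.*) b="${b#*.}" ;; *) b="" ;; esac
    done
    return 0   # every field equal
}

# patched_threshold ANDROID_MAJOR REGION -> prints the threshold that applies
# (REGION is "global" or "china"; the advisory only distinguishes it for Android 13)
patched_threshold() {
    case "$1:$2" in
        13:china)  printf '%s' "$PATCHED_A13_CHINA" ;;
        13:*)      printf '%s' "$PATCHED_A13_GLOBAL" ;;
        14:*)      printf '%s' "$PATCHED_A14" ;;
        *)         return 1 ;;   # Android release not covered by the advisory
    esac
}

# gallery_is_patched VERSION ANDROID_MAJOR REGION -> exit 0 if VERSION is at or
# above the patched version for that build
gallery_is_patched() {
    threshold=$(patched_threshold "$2" "$3") || return 1
    version_ge "$1" "$threshold"
}

# Stand-alone run on the constructed sample. On a real device replace
# SAMPLE_DUMPSYS with "$(adb shell dumpsys package com.sec.android.gallery3d)"
# and take the Android release from "adb shell getprop ro.build.version.release"
# (assumption: that property is how you decide which threshold applies).
installed=$(parse_version_name "$SAMPLE_DUMPSYS")
if gallery_is_patched "$installed" 13 global; then
    echo "Gallery $installed: at or above patched version"
else
    echo "Gallery $installed: below patched version, update required"
fi
```

The numeric field comparison matters because a plain string comparison would rank 14.5.9.3 above 14.5.10.3 and could report an unpatched build as fixed.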
📡 Detection & Monitoring
Log Indicators:
- Unusual file access patterns from Samsung Gallery process
- Permission denial logs for gallery app
Network Indicators:
- Unusual outbound connections from gallery app (though unlikely)
SIEM Query:
process_name:"com.sec.android.gallery3d" AND (event_type:"file_access" OR event_type:"permission_violation")