CVE-2025-20968

7.2 HIGH

📋 TL;DR

This vulnerability allows remote attackers to bypass access controls in the Samsung Gallery app, potentially exposing user data and enabling unauthorized internal operations. It affects Samsung Galaxy devices running Android 13 or 14 with vulnerable versions of the Gallery app.

💻 Affected Systems

Products:
  • Samsung Gallery app
Versions: Prior to version 14.5.10.3 (Global Android 13), 14.5.09.3 (China Android 13), and 15.5.04.5 (Android 14)
Operating Systems: Android 13, Android 14
Default Config Vulnerable: ⚠️ Yes
Notes: Affects Samsung Galaxy devices with vulnerable Gallery app versions. The vulnerability is in the app itself, not the underlying Android OS.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Remote attackers could access private photos, videos, and gallery metadata, modify or delete content, and potentially perform other unauthorized operations within the app's context.

🟠 Likely Case

Unauthorized access to gallery content and metadata, potentially including location data, timestamps, and other sensitive information associated with media files.

🟢 If Mitigated

Limited impact with proper network segmentation and app sandboxing, though some data exposure may still occur.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

The description indicates remote attackers can exploit this, suggesting network-accessible attack vectors. No public exploit details are available.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 14.5.10.3 (Global Android 13), 14.5.09.3 (China Android 13), 15.5.04.5 (Android 14)

Vendor Advisory: https://security.samsungmobile.com/serviceWeb.smsb?year=2025&month=05

Restart Required: No

Instructions:

1. Open Galaxy Store or Google Play Store on your Samsung device.
2. Search for 'Samsung Gallery'.
3. Update to the latest version.
4. Alternatively, enable automatic updates in your app store settings.

🔧 Temporary Workarounds

Disable Gallery app network permissions
Platform: android

Restrict the Gallery app's network access to prevent remote exploitation:

Settings > Apps > Gallery > Permissions > Disable network-related permissions

Use alternative gallery app
Platform: android

Temporarily use a different gallery application while waiting for the patch.

🧯 If You Can't Patch

  • Disable or restrict network access to affected devices
  • Implement network segmentation to isolate vulnerable devices from untrusted networks

🔍 How to Verify

Check if Vulnerable:

Check Gallery app version in Settings > Apps > Gallery > App info

Check Version:

adb shell dumpsys package com.sec.android.gallery3d | grep versionName

Verify Fix Applied:

Verify that the Gallery app version is 14.5.10.3 or higher (Global Android 13), 14.5.09.3 or higher (China Android 13), or 15.5.04.5 or higher (Android 14).

📡 Detection & Monitoring

Log Indicators:

  • Unauthorized access attempts to Gallery app processes
  • Unexpected network connections to Gallery app

Network Indicators:

  • Unexpected network traffic to/from Gallery app port
  • Suspicious Gallery app API calls from external sources

SIEM Query:

source="android_logs" app="Gallery" (event="permission_denied" OR event="unauthorized_access")
