CVE-2025-21079

7.1 HIGH

📋 TL;DR

This vulnerability in the Samsung Members app lets a remote attacker redirect the user to an arbitrary URL and launch arbitrary activities with the app's privileges once the user opens attacker-controlled content (for example, a crafted link). It affects Samsung device users running Samsung Members versions prior to 5.5.01.3.

💻 Affected Systems

Products:
  • Samsung Members
Versions: Versions prior to 5.5.01.3
Operating Systems: Android (Samsung devices)
Default Config Vulnerable: ⚠️ Yes
Notes: Affects Samsung devices with Samsung Members app installed. User interaction required for exploitation.

📦 What is this software?

Samsung Members (package com.samsung.android.voc) is Samsung's support and community app preinstalled on Galaxy devices. It provides diagnostics, support requests and community content, and in doing so handles links and launches other components on the user's behalf, which is the capability this vulnerability abuses.

⚠️ Risk & Real-World Impact

🔴

Worst Case

The activity-launch primitive runs with Samsung Members' own identity and permissions, so an attacker could reach app components and data that an ordinary app cannot, and chain that into data theft, malware installation, or broader device compromise. By itself the flaw is an intent-redirection bug, not native code execution, so the most severe outcomes require an additional weakness in whatever gets launched.

🟠

Likely Case

Attackers redirect users to phishing sites or malicious apps, potentially stealing credentials or personal information through social engineering.

🟢

If Mitigated

Limited to app-specific data exposure or minor privacy violations if proper app sandboxing and permissions are enforced.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: LOW

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Requires user interaction (opening a crafted link or other malicious content). Exploitation is expected to use a crafted URL or intent that the app forwards to the target without validating it.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 5.5.01.3

Vendor Advisory: https://security.samsungmobile.com/serviceWeb.smsb?year=2025&month=11

Restart Required: No

Instructions:

1. Open the Google Play Store on the Samsung device.
2. Search for 'Samsung Members'.
3. If an update is available, tap 'Update'.
4. Alternatively, update through the Galaxy Store if the app was preinstalled.

🔧 Temporary Workarounds

Disable Samsung Members app (android)

Temporarily disable the vulnerable app until it is patched. This removes the app's support, diagnostics and community features for that user and requires USB debugging; re-enable it (pm enable) after updating:

adb shell pm disable-user --user 0 com.samsung.android.voc

Restrict app permissions (android)

Limit the Samsung Members app's runtime permissions to the minimum required (Settings > Apps > Samsung Members > Permissions). This narrows what data the app itself can expose but does not remove the URL-redirect or activity-launch primitive, so treat it as defence in depth rather than a fix.

🧯 If You Can't Patch

  • Educate users not to click unknown links in Samsung Members app
  • Deploy mobile threat defense solution to detect malicious URL redirects

🔍 How to Verify

Check if Vulnerable:

Check Samsung Members app version in device settings > Apps > Samsung Members > App info

Check Version:

adb shell dumpsys package com.samsung.android.voc | grep versionName

Verify Fix Applied:

Verify Samsung Members version is 5.5.01.3 or higher
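The version check above is easy to get wrong with a plain string comparison (5.5.01.10 sorts before 5.5.01.3 as text). The script below is an added example, not from the advisory or from Samsung: it parses the versionName from `dumpsys package` output and compares it numerically against the 5.5.01.3 threshold. It assumes the package name com.samsung.android.voc used above; the dumpsys excerpt it falls back to is constructed, not captured from a device, and is only used when no device is attached via adb.

```shell
#!/bin/sh
# Added example (not from the advisory or from Samsung): offline check of a
# Samsung Members versionName against the 5.5.01.3 fix threshold.
# Assumptions: package name com.samsung.android.voc (as used on this page);
# the dumpsys excerpt below is constructed, not captured from a device.

FIXED_VERSION="5.5.01.3"

# Pull the first versionName= value out of `dumpsys package` output on stdin.
parse_version_name() {
    sed -n 's/^[[:space:]]*versionName=\([0-9][0-9.]*\).*/\1/p' | head -n 1
}

# Strip leading zeros so "01" compares as 1 (portable: avoids octal parsing
# of "08" in shell arithmetic). Empty input counts as 0.
as_number() {
    printf '%s\n' "${1:-0}" | sed 's/^0*\([0-9]\)/\1/'
}

# Numeric, component-by-component comparison of two dotted versions.
# Prints -1, 0 or 1 for "$1" <, ==, > "$2"; missing trailing components are 0.
compare_versions() {
    a="$1"; b="$2"
    while [ -n "$a" ] || [ -n "$b" ]; do
        case "$a" in *.*) ah="${a%%.*}"; a="${a#*.}" ;; *) ah="$a"; a="" ;; esac
        case "$b" in *.*) bh="${b%%.*}"; b="${b#*.}" ;; *) bh="$b"; b="" ;; esac
        ah=$(as_number "$ah"); bh=$(as_number "$bh")
        if [ "$ah" -lt "$bh" ]; then printf '%s\n' -1; return 0; fi
        if [ "$ah" -gt "$bh" ]; then printf '%s\n' 1; return 0; fi
    done
    printf '%s\n' 0
}

# Succeeds (exit 0) when the given versionName is at or above the fixed version.
samsung_members_patched() {
    [ "$(compare_versions "$1" "$FIXED_VERSION")" -ge 0 ]
}

# Constructed stand-in for the relevant dumpsys lines (a still-vulnerable build).
SAMPLE_DUMPSYS='  Package [com.samsung.android.voc]:
    versionName=5.5.01.2
    flags=[ SYSTEM ]'

# Query a connected device when adb is available, otherwise use the sample.
check_samsung_members() {
    if command -v adb >/dev/null 2>&1 && adb get-state >/dev/null 2>&1; then
        out=$(adb shell dumpsys package com.samsung.android.voc)
    else
        out="$SAMPLE_DUMPSYS"
    fi
    v=$(printf '%s\n' "$out" | parse_version_name)
    if [ -z "$v" ]; then
        echo "Samsung Members not installed or versionName not found"
        return 2
    fi
    if samsung_members_patched "$v"; then
        echo "Samsung Members $v: fixed (>= $FIXED_VERSION)"
    else
        echo "Samsung Members $v: VULNERABLE (< $FIXED_VERSION), update or disable"
    fi
}

check_samsung_members
```

Run it with a device attached and USB debugging enabled to check the real installed build; without a device it reports the constructed sample as vulnerable. The comparison treats 5.5.01.3 and 5.5.1.3 as equal, which matches how Android compares neither of them: only versionCode is ordered by the platform, so this is a reporting aid, not a substitute for the vendor's versionCode.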

📡 Detection & Monitoring

Log Indicators:

  • Unusual URL launches from Samsung Members app
  • Intent launches to unexpected packages

Network Indicators:

  • Unexpected outbound connections from Samsung Members to unusual domains

SIEM Query:

source="android" app="Samsung Members" (event="url_launch" OR event="intent_start") url NOT IN allowed_urls_list

This is generic pseudo-syntax: the event and field names depend on what your MDM or mobile threat defense agent forwards, so map them to that schema before deploying the rule.
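On a device you can inspect directly, the same two indicators (URL launches to unexpected hosts, intent launches to unexpected packages) are visible in logcat, where ActivityManager logs every activity start with the calling uid. The script below is an added example, not from the page's source or from Samsung, and runs over constructed sample lines. It assumes uid 10245 stands in for whatever uid the device assigned to com.samsung.android.voc (read it from `adb shell dumpsys package com.samsung.android.voc`, the userId field), and the package and host allowlists are illustrative, not Samsung's.

```shell
#!/bin/sh
# Added example (not from the page or from Samsung): flag activity starts made
# by the Samsung Members uid whose target package or URL host is off an
# allowlist, from ActivityManager "START" logcat lines.
# Assumptions: uid 10245 is hypothetical; the allowlists are illustrative;
# the logcat lines below are constructed, not captured from a device.

MEMBERS_UID=10245
ALLOWED_PKGS="com.samsung.android.voc com.sec.android.app.sbrowser com.android.chrome"
ALLOWED_HOSTS="samsung.com samsungmembers.com"

# Constructed logcat lines in the ActivityManager START format
# ("START u<user> {intent} from uid <uid>"; newer releases append more fields).
SAMPLE_LOGCAT='I ActivityManager: START u0 {act=android.intent.action.VIEW dat=https://www.samsung.com/... cmp=com.sec.android.app.sbrowser/.SBrowserMainActivity} from uid 10245
I ActivityManager: START u0 {act=android.intent.action.VIEW dat=https://evil.example/... cmp=com.sec.android.app.sbrowser/.SBrowserMainActivity} from uid 10245
I ActivityManager: START u0 {act=android.intent.action.MAIN cmp=com.example.thirdparty/.HiddenActivity} from uid 10245
I ActivityManager: START u0 {act=android.intent.action.VIEW dat=https://evil.example/... cmp=com.android.chrome/.Main} from uid 10300'

# Host is allowed if it equals an allowlisted domain or is a subdomain of one.
host_allowed() {
    for h in $ALLOWED_HOSTS; do
        case "$1" in "$h"|*".$h") return 0 ;; esac
    done
    return 1
}

pkg_allowed() {
    case " $ALLOWED_PKGS " in *" $1 "*) return 0 ;; esac
    return 1
}

# Reads logcat on stdin; prints each activity start by MEMBERS_UID whose
# target package or URL host is not on the allowlist. The uid match tolerates
# trailing fields so it also works on releases that log more after the uid.
suspicious_starts() {
    grep -E "ActivityManager: START .* from uid ${MEMBERS_UID}([^0-9]|\$)" |
    while IFS= read -r line; do
        pkg=$(printf '%s\n' "$line" | sed -n 's/.*cmp=\([^/ }]*\).*/\1/p')
        host=$(printf '%s\n' "$line" | sed -n 's/.*dat=[a-z]*:\/\/\([^/ }]*\).*/\1/p')
        flag=0
        pkg_allowed "$pkg" || flag=1
        if [ -n "$host" ] && ! host_allowed "$host"; then flag=1; fi
        if [ "$flag" -eq 1 ]; then printf '%s\n' "$line"; fi
    done
}

# Number of flagged lines in the sample: the phishing URL and the unknown package.
sample_alert_count() {
    printf '%s\n' "$SAMPLE_LOGCAT" | suspicious_starts | wc -l | tr -d ' '
}

printf '%s\n' "$SAMPLE_LOGCAT" | suspicious_starts
```

To run it against a live device, replace the sample with `adb logcat -d -s ActivityManager`. Starts from other uids (the last sample line) are ignored on purpose: the indicator is Samsung Members launching something unexpected, not the target being opened by the user through another app.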
