CVE-2025-21030 — Vulnetix

Try Vulnetix Request Demo

CVE-2025-21030 PUBLISHED CVSS 4.300000190734863 MEDIUM

Improper handling of insufficient permission in AppPrelaunchManagerService prior to SMR Sep-2025 Release 1 in Chinese Android 15 allows local attackers to execute arbitrary application in the background.

EPSS 0.02% · 5.6th percentile

Risk Scores

CVSS v3.1

4.300000190734863

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

EPSS Score

0.02%

5.6th percentile

Affected Products

Vendor	Product	Versions
Samsung Mobile	Samsung Mobile Devices	SMR Sep-2025 Release in Chinese Android 15, 16

Timeline

Sep 3, 2025 EPSS Score
Sep 3, 2025 CVE Published
Sep 3, 2025 PoC Published
Sep 3, 2025 PoC Published
Sep 10, 2025 EPSS Score
Sep 17, 2025 EPSS Score
Sep 24, 2025 EPSS Score
Oct 1, 2025 EPSS Score
Oct 3, 2025 Coalition ESS Score
Oct 6, 2025 Coalition ESS Score
Oct 8, 2025 EPSS Score
Oct 15, 2025 EPSS Score

References

https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=09 url

Open in Interactive Console →