CVE-2025-21032 — Vulnetix

Try Vulnetix Request Demo

CVE-2025-21032 PUBLISHED CVSS 5.900000095367432 MEDIUM

Improper access control in One UI Home prior to SMR Sep-2025 Release 1 allows physical attackers to bypass Kiosk mode under limited conditions.

EPSS 0.02% · 5.1th percentile

Risk Scores

CVSS v3.1

5.900000095367432

CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H

EPSS Score

0.02%

5.1th percentile

Affected Products

Vendor	Product	Versions
Samsung Mobile	Samsung Mobile Devices	SMR Sep-2025 Release in Android 14, 15
samsung	android	14.0, 14.0, 14.0

Timeline

Sep 3, 2025 EPSS Score
Sep 3, 2025 CVE Published
Sep 3, 2025 PoC Published
Sep 3, 2025 PoC Published
Sep 10, 2025 EPSS Score
Sep 11, 2025 Coalition ESS Score
Sep 17, 2025 EPSS Score
Sep 24, 2025 EPSS Score
Oct 1, 2025 EPSS Score
Oct 3, 2025 Coalition ESS Score
Oct 6, 2025 Coalition ESS Score
Oct 8, 2025 EPSS Score

References

Open in Interactive Console →