HIGHCVE-2026-21000Published Modified CNA SamsungMobile
CVE-2026-21000: Improper access control in Galaxy Store prior to version 4
Improper access control in Galaxy Store prior to version 4.6.03.8 allows local attacker to create file with Galaxy Store privilege.
Metrics
- CVSS v4.0
- 7.0
- Severity
- HIGH
- Fixed in
- 4.6.03.8
- Affected Products
- 1
Fix available
4.6.03.8
Affected packages
- Samsung Mobile / Galaxy StoreFixed in 4.6.03.8
CVSS Vector
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:NReferences