Internet Samsung Internet

Do you want an email whenever new security vulnerabilities are reported in Samsung Internet?

By the Year

In 2024 there have been 1 vulnerability in Samsung Internet with an average score of 4.6 out of ten. Last year Internet had 2 security vulnerabilities published. If vulnerabilities keep coming in at the current rate, it appears that number of security vulnerabilities in Internet in 2024 could surpass last years number. Last year, the average CVE base score was greater by 0.95

Year Vulnerabilities Average Score
2024 1 4.60
2023 2 5.55
2022 6 4.87
2021 10 5.33
2020 0 0.00
2019 0 0.00
2018 0 0.00

It may take a day or so for new Internet vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Samsung Internet Security Vulnerabilities

Improper authorization verification vulnerability in Samsung Internet prior to version 24.0

CVE-2024-20828 4.6 - Medium - February 06, 2024

Improper authorization verification vulnerability in Samsung Internet prior to version 24.0 allows physical attackers to access files downloaded in SecretMode without proper authentication.

AuthZ

Improper Authorization vulnerability in Samsung Internet prior to version 22.0.0.35

CVE-2023-30704 4.6 - Medium - August 10, 2023

Improper Authorization vulnerability in Samsung Internet prior to version 22.0.0.35 allows physical attacker access downloaded files in Secret Mode without user authentication.

Improper configuration in Samsung Internet prior to version 21.0.0.41

CVE-2023-30674 6.5 - Medium - July 06, 2023

Improper configuration in Samsung Internet prior to version 21.0.0.41 allows attacker to bypass SameSite Cookie.

Improper authorization vulnerability in Samsung Internet prior to version 18.0.4.14

CVE-2022-39873 4.6 - Medium - October 07, 2022

Improper authorization vulnerability in Samsung Internet prior to version 18.0.4.14 allows physical attackers to add bookmarks in secret mode without user authentication.

Improper check in Loader in Samsung Internet prior to 17.0.1.69

CVE-2022-30738 4.3 - Medium - June 07, 2022

Improper check in Loader in Samsung Internet prior to 17.0.1.69 allows attackers to spoof address bar via executing script.

Improper Check for Unusual or Exceptional Conditions

Improper auto-fill algorithm in Samsung Internet prior to version 17.0.1.69

CVE-2022-30740 4.3 - Medium - June 07, 2022

Improper auto-fill algorithm in Samsung Internet prior to version 17.0.1.69 allows physical attackers to guess stored credit card numbers.

Insecure Storage of Sensitive Information

Improper authentication vulnerability in SecretMode in Samsung Internet prior to version 16.2.1

CVE-2022-27839 4 - Medium - April 11, 2022

Improper authentication vulnerability in SecretMode in Samsung Internet prior to version 16.2.1 allows attackers to access bookmark tab without proper credentials.

authentification

Incorrect download source UI in Downloads in Samsung Internet prior to 16.0.6.23

CVE-2022-22290 6.5 - Medium - January 14, 2022

Incorrect download source UI in Downloads in Samsung Internet prior to 16.0.6.23 allows attackers to perform domain spoofing via a crafted HTML page.

Improper Handling of Exceptional Conditions

Improper authentication vulnerability in Samsung Internet prior to 16.0.2.19

CVE-2022-22284 5.5 - Medium - January 10, 2022

Improper authentication vulnerability in Samsung Internet prior to 16.0.2.19 allows attackers to bypass secret mode password authentication

authentification

Insecure caller check and input validation vulnerabilities in SearchKeyword deeplink logic prior to Samsung Internet 16.0.2

CVE-2021-25520 6.1 - Medium - December 08, 2021

Insecure caller check and input validation vulnerabilities in SearchKeyword deeplink logic prior to Samsung Internet 16.0.2 allows unstrusted applications to execute script codes in Samsung Internet.

XSS

Insecure caller check in sharevia deeplink logic prior to Samsung Internet 16.0.2

CVE-2021-25521 3.3 - Low - December 08, 2021

Insecure caller check in sharevia deeplink logic prior to Samsung Internet 16.0.2 allows unstrusted applications to get current tab URL in Samsung Internet.

Files or Directories Accessible to External Parties

Improper scheme check vulnerability in Samsung Internet prior to version 15.0.2.47

CVE-2021-25466 5.9 - Medium - September 09, 2021

Improper scheme check vulnerability in Samsung Internet prior to version 15.0.2.47 allows attackers to perform Man-in-the-middle attack and obtain Samsung Account token.

authentification

Unprotected component vulnerability in Samsung Internet prior to version 14.2

CVE-2021-25445 5.3 - Medium - August 05, 2021

Unprotected component vulnerability in Samsung Internet prior to version 14.2 allows untrusted application to access internal files in Samsung Internet.

authentification

Non-compliance of recommended secure coding scheme in Samsung Internet prior to version 14.0.1.62

CVE-2021-25419 6.5 - Medium - June 11, 2021

Non-compliance of recommended secure coding scheme in Samsung Internet prior to version 14.0.1.62 allows attackers to display fake URL in address bar via phising URL link.

Intent redirection vulnerability in Samsung Internet prior to version 14.0.1.20

CVE-2021-25400 7.8 - High - June 11, 2021

Intent redirection vulnerability in Samsung Internet prior to version 14.0.1.20 allows attacker to execute privileged action.

Improper component protection vulnerability in Samsung Internet prior to version 14.0.1.62

CVE-2021-25418 7.8 - High - June 11, 2021

Improper component protection vulnerability in Samsung Internet prior to version 14.0.1.62 allows untrusted applications to execute arbitrary activity in specific condition.

AuthZ

Improper input check in Samsung Internet prior to version 13.2.1.46

CVE-2021-25354 5.3 - Medium - March 25, 2021

Improper input check in Samsung Internet prior to version 13.2.1.46 allows attackers to launch non-exported activity in Samsung Browser via malicious deeplink.

Improper access control in Samsung Internet prior to version 13.2.1.70

CVE-2021-25366 2.9 - Low - March 25, 2021

Improper access control in Samsung Internet prior to version 13.2.1.70 allows physically proximate attackers to bypass the secret mode's authentication.

Improper permission grant check in Samsung Internet prior to version 13.0.1.60

CVE-2021-25348 2.4 - Low - March 04, 2021

Improper permission grant check in Samsung Internet prior to version 13.0.1.60 allows access to files in internal storage without authorized STORAGE permission.

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Samsung Internet or by Samsung? Click the Watch button to subscribe.

Samsung
Vendor

subscribe