CVE-2021-25376 is a vulnerability in Samsung Email
Published on April 9, 2021

An improper synchronization logic in Samsung Email prior to version 6.1.41.0 can leak messages in certain mailbox in plain text when STARTTLS negotiation is failed.

NVD

Vulnerability Analysis

Attack Vector:

ADJACENT_NETWORK

Attack Complexity:

HIGH

Privileges Required:

NONE

User Interaction:

NONE

Scope:

UNCHANGED

Confidentiality Impact:

LOW

Integrity Impact:

NONE

Availability Impact:

NONE

Weakness Type

What is an Information Disclosure Vulnerability?

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

CVE-2021-25376 has been classified to as an Information Disclosure vulnerability or weakness.

Products Associated with CVE-2021-25376

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2021-25376 are published in Samsung Email:

Samsung Email

Affected Versions

Samsung Mobile Samsung Email:

Version unspecified and below 6.1.41.0 is affected.

Exploit Probability

EPSS

0.25%

Percentile

47.68%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2021-25376 is a vulnerability in Samsung EmailPublished on April 9, 2021

Vulnerability Analysis

Weakness Type

What is an Information Disclosure Vulnerability?

Products Associated with CVE-2021-25376

Affected Versions

Exploit Probability

CVE-2021-25376 is a vulnerability in Samsung Email
Published on April 9, 2021