Insufficient Random secretKey in Smart Switch <3.7.68.6 Adjacent Attack Backup Access
CVE-2025-21078 Published on November 5, 2025

Use of insufficiently random value of secretKey in Smart Switch prior to version 3.7.68.6 allows adjacent attackers to access backup data from applications.

NVD

Vulnerability Analysis

Attack Vector:

ADJACENT_NETWORK

Attack Complexity:

LOW

Privileges Required:

NONE

User Interaction:

NONE

Scope:

UNCHANGED

Confidentiality Impact:

HIGH

Integrity Impact:

HIGH

Availability Impact:

HIGH

Products Associated with CVE-2025-21078

Want to know whenever a new CVE is published for Samsung Smart Switch? stack.watch will email you.

Samsung Smart Switch

Affected Versions

Samsung Mobile Smart Switch Version 3.7.68.6 is unaffected by CVE-2025-21078

Exploit Probability

EPSS

0.04%

Percentile

10.01%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

Insufficient Random secretKey in Smart Switch <3.7.68.6 Adjacent Attack Backup AccessCVE-2025-21078 Published on November 5, 2025

Vulnerability Analysis

Products Associated with CVE-2025-21078

Affected Versions

Exploit Probability

Insufficient Random secretKey in Smart Switch <3.7.68.6 Adjacent Attack Backup Access
CVE-2025-21078 Published on November 5, 2025