Exposed ExpressHomeWidgetReceiver Enables Local Exec in Samsung Assistant <9.3.14
CVE-2026-21033 Published on June 5, 2026
Improper export of android application components in ExpressHomeWidgetReceiver of Samsung Assistant prior to version 9.3.14 allows local attacker to execute arbitrary script.
Affected Versions
Samsung Mobile Samsung Assistant:- Version 9.3.14 and below * is unaffected.