Improper Access Control in IAFDService Allows Local Privileged Use
CVE-2026-21040 Published on July 10, 2026
Improper access control in IAFDService prior to SMR Jul-2026 Release 1 allows local privileged attackers to use the privileged APIs.
Products Associated with CVE-2026-21040
Want to know whenever a new CVE is published for Samsung Mobile Devices? stack.watch will email you.
Affected Versions
Samsung Mobile Devices:- Version SMR Jul-2026 Release in Android 14, 15, 16 and below * is unaffected.