本ページは samsung smart_switch に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2026-21005 | Path traversal in Smart Switch prior to version 3.7.69.15 allows adjacent attackers to overwrite arbitrary files with Smart Switch privilege. | [email protected] | 7.1 | 0.02% | 2026-03-16 | 2026-03-31 |
| CVE-2026-21004 | Improper authentication in Smart Switch prior to version 3.7.69.15 allows adjacent attackers to trigger a denial of service. | [email protected] | 6.9 | 0.05% | 2026-03-16 | 2026-03-31 |
| CVE-2026-20999 | Authentication bypass by replay in Smart Switch prior to version 3.7.69.15 allows remote attackers to trigger privileged functions. | [email protected] | 7.1 | 0.16% | 2026-03-16 | 2026-03-31 |
| CVE-2026-20998 | Improper authentication in Smart Switch prior to version 3.7.69.15 allows remote attackers to bypass authentication. | [email protected] | 7.1 | 0.27% | 2026-03-16 | 2026-03-31 |
| CVE-2026-20997 | Improper verification of cryptographic signature in Smart Switch prior to version 3.7.69.15 allows remote attackers to potentially bypass authentication. | [email protected] | 5.3 | 0.13% | 2026-03-16 | 2026-03-31 |
| CVE-2026-20996 | Use of a broken or risky cryptographic algorithm in Smart Switch prior to version 3.7.69.15 allows remote attackers to configure a downgraded scheme for authentication. | [email protected] | 7.1 | 0.05% | 2026-03-16 | 2026-03-31 |
| CVE-2026-20995 | Exposure of sensitive functionality to an unauthorized actor in Smart Switch prior to version 3.7.69.15 allows remote attackers to set a specific configuration. | [email protected] | 5.3 | 0.06% | 2026-03-16 | 2026-03-31 |
| CVE-2025-21078 | Use of insufficiently random value of secretKey in Smart Switch prior to version 3.7.68.6 allows adjacent attackers to access backup data from applications. | [email protected] | 8.8 | 0.02% | 2025-11-05 | 2025-11-07 |
| CVE-2025-21064 | Improper authentication in Smart Switch prior to version 3.7.66.6 allows adjacent attackers to access transferring data. | [email protected] | 8.8 | 0.03% | 2025-10-10 | 2025-10-28 |
| CVE-2025-21062 | Use of a broken or risky cryptographic algorithm in Smart Switch prior to version 3.7.67.2 allows local attackers to replace the restoring application. User interaction is required for triggering this vulnerability. | [email protected] | 7.8 | 0.01% | 2025-10-10 | 2025-10-28 |
| CVE-2025-21061 | Cleartext storage of sensitive information in Smart Switch prior to version 3.7.67.2 allows local attackers to access sensitive data. User interaction is required for triggering this vulnerability. | [email protected] | 7.1 | 0.01% | 2025-10-10 | 2025-10-28 |
| CVE-2025-21060 | Cleartext storage of sensitive information in Smart Switch prior to version 3.7.67.2 allows local attackers to access backup data from applications. User interaction is required for triggering this vulnerability. | [email protected] | 5.5 | 0.01% | 2025-10-10 | 2025-10-28 |
| CVE-2025-20996 | Improper authorization in Smart Switch installed on non-Samsung Device prior to version 3.7.64.10 allows local attackers to read data with the privilege of Smart Switch. User interaction is required for triggering this vulnerability. | [email protected] | 5.0 | 0.01% | 2025-06-04 | 2025-10-28 |