CVE-2026-21034 PUBLISHED

Assigner: SamsungMobile
Reserved: 11.12.2025 Published: 05.06.2026 Updated: 05.06.2026

Improper export of android application components in Samsung Auto prior to version 3.1.2.61 in Android 15 and 3.2.0.38 in Android 16 allows local attacker to change audio configuration.

Metrics

CVSS Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
CVSS Score: 4.8

Product Status

Vendor Samsung Mobile
Product Samsung Auto
Versions Default: affected
  • unaffected from 3.1.2.61 in Android 15 and 3.2.0.38 in Android 16 to * (excl.)

References

Problem Types

  • CWE-926: Improper Export of Android Application Components