CVE-2025-20940 Information

Description

Improper handling of insufficient permission in Samsung Device Health Manager Service prior to SMR Apr-2025 Release 1 allows local attackers to access provider in SDMHS.

Reference

https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=04