CVE Catalog

CVE-2026-21034

LowCVSS 3.3
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.08%

0th percentile — higher than 0% of all known CVEs

Summary

The vulnerability in Samsung Auto prior to versions 3.1.2.61 (Android 15) and 3.2.0.38 (Android 16) is due to improper export of application components. This allows a local attacker to change the audio configuration.

Risk Assessment

The risk is that a local attacker can unauthorizedly change audio settings, potentially leading to application disruption or eavesdropping.

Recommendation

It is recommended to immediately update Samsung Auto to version 3.1.2.61 (Android 15) or 3.2.0.38 (Android 16) or later.

Original NVD description (English source)

Improper export of android application components in Samsung Auto prior to version 3.1.2.61 in Android 15 and 3.2.0.38 in Android 16 allows local attacker to change audio configuration.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS