Vulnerability in Samsung Mobile Devices

CVE-2026-20992

Improper authorization in Settings prior to SMR Mar-2026 Release 1 allows local attacker to disable configuring the background data usage of application.

EPSS: 0.000 (5.8th percentile) — read the EPSS interpretation.

Affected products

Samsung Mobile Devices — versions SMR Mar-2026 Release in Android 13, 14, 15, 16

References

security.samsungmobile.com/securityUpdate.smsb