Vulnerability in Samsung Mobile Devices

CVE-2026-21012

External control of file name in AODManager prior to SMR Apr-2026 Release 1 allows privileged local attacker to create file with system privilege.

EPSS: 0.000 (4.5th percentile) — read the EPSS interpretation.

Affected products

Samsung Mobile Devices — versions SMR Apr-2026 Release in Android 14, 15, 16

References

security.samsungmobile.com/securityUpdate.smsb