{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-21001", "assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458", "state": "PUBLISHED", "assignerShortName": "SamsungMobile", "dateReserved": "2025-12-11T01:33:35.802Z", "datePublished": "2026-03-16T04:32:09.910Z", "dateUpdated": "2026-03-16T13:59:43.525Z"}, "containers": {"cna": {"problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-35: Path Traversal"}]}], "affected": [{"vendor": "Samsung Mobile", "product": "Galaxy Store", "versions": [{"status": "unaffected", "version": "4.6.03.8"}], "defaultStatus": "affected"}], "descriptions": [{"lang": "en", "value": "Path traversal in Galaxy Store prior to version 4.6.03.8 allows local attacker to create file with Galaxy Store privilege."}], "references": [{"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2026&month=03"}], "metrics": [{"format": "CVSS", "cvssV4_0": {"version": "4.0", "attackVector": "LOCAL", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "vulnAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "baseScore": 5.9, "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N", "baseSeverity": "MEDIUM"}}], "providerMetadata": {"orgId": "3af57064-a867-422c-b2ad-40307b65c458", "shortName": "SamsungMobile", "dateUpdated": "2026-03-16T04:32:09.910Z"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-16T13:59:38.019540Z", "id": "CVE-2026-21001", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-16T13:59:43.525Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-21001", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-16T13:59:38.019540Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-16T13:59:40.760Z"}}], "cna": {"metrics": [{"format": "CVSS", "cvssV4_0": {"version": "4.0", "baseScore": 5.9, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE"}}], "affected": [{"vendor": "Samsung Mobile", "product": "Galaxy Store", "versions": [{"status": "unaffected", "version": "4.6.03.8"}], "defaultStatus": "affected"}], "references": [{"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2026&month=03"}], "descriptions": [{"lang": "en", "value": "Path traversal in Galaxy Store prior to version 4.6.03.8 allows local attacker to create file with Galaxy Store privilege."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-35: Path Traversal"}]}], "providerMetadata": {"orgId": "3af57064-a867-422c-b2ad-40307b65c458", "shortName": "SamsungMobile", "dateUpdated": "2026-03-16T04:32:09.910Z"}}}, "cveMetadata": {"cveId": "CVE-2026-21001", "state": "PUBLISHED", "dateUpdated": "2026-03-16T13:59:43.525Z", "dateReserved": "2025-12-11T01:33:35.802Z", "assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458", "datePublished": "2026-03-16T04:32:09.910Z", "assignerShortName": "SamsungMobile"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:samsung:galaxy_store:*:*:*:*:*:*:*:*", "matchCriteriaId": "40D06C76-5232-4A91-B7A3-D3B64BCDBBA8", "versionEndExcluding": "4.6.03.8", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Path traversal in Galaxy Store prior to version 4.6.03.8 allows local attacker to create file with Galaxy Store privilege."}, {"lang": "es", "value": "Salto de ruta en Galaxy Store anterior a la versi\u00f3n 4.6.03.8 permite a un atacante local crear un archivo con privilegios de Galaxy Store."}], "id": "CVE-2026-21001", "lastModified": "2026-04-07T00:35:35.413", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "mobile.security@samsung.com", "type": "Secondary"}]}, "published": "2026-03-16T14:18:11.217", "references": [{"source": "mobile.security@samsung.com", "tags": ["Vendor Advisory"], "url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2026&month=03"}], "sourceIdentifier": "mobile.security@samsung.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "4.6.03.8"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,4.6.03.8)"}}], "enrichment": {"confidence": 85.0, "confidence_source": "matching", "scores": [{"score": 85.0, "source": "matching"}]}, "original": {"product": "Galaxy Store", "source": "cna", "vendor": "Samsung Mobile"}, "product": "galaxy_store", "vendor": "samsung"}], "analysis": {"en": {"generated_at": "2026-04-08T21:37:51.422549+00:00", "value": {"mitigation_remediation": ["Update Samsung Galaxy Store to version 4.6.03.8 or later, ensuring all devices run a patched build.", "Verify that the device\u2019s installed Galaxy Store version matches the patched release or consult Samsung\u2019s official security advisories for updates.", "If an immediate update is not possible, consider disabling or uninstalling the Galaxy Store application to deny the local privilege required for exploitation."], "summary": {"action": "Patch Immediately", "impact": "Privilege Escalation / Local File Write"}, "threat_synthesis": {"affected_systems": "Samsung Mobile devices running the Galaxy Store application version earlier than 4.6.03.8 are affected. The issue applies to all Galaxy Store installations on Samsung mobile platforms that have not applied any patches beyond that version.", "description_and_impact": "An improper handling of file paths in Samsung Mobile's Galaxy Store allows a local attacker to construct a path that escapes the intended directory boundary, enabling creation or modification of arbitrary files. The vulnerability is classified as improper path handling (CWE\u201122) and could lead to file overwrite or insertion with the same privilege level as the Galaxy Store service, potentially allowing an attacker to install malicious payloads or manipulate app data.", "risk_and_exploitability": "The CVSS base score of 5.9 indicates moderate severity, with an EPSS below 1% suggesting low probability of exploitation in the wild. The vulnerability does not appear in the CISA KEV catalog. Because the attack requires local access to the device and the ability to invoke Galaxy Store functions, the attack vector is likely local and does not permit remote exploitation. An attacker would need physical or root\u2011level control of the device to trigger the path traversal and write files with Galaxy Store privileges."}}}}, "created": "2026-03-17T09:55:07.829762+00:00", "title": "Local File Write via Path Traversal in Samsung Galaxy Store", "updated": "2026-04-09T08:29:47.008765+00:00", "vendors": ["samsung", "samsung$PRODUCT$galaxy_store"]}