Every CVE whose affected-product data names Samsung Smart Switch, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (13)
CVE-2026-20997 — CVSS 9.8 (critical): Improper verification of cryptographic signature in Smart Switch prior to version 3.7.69.15 allows remote attackers to potentially bypass…
CVE-2026-20998 — CVSS 9.8 (critical): Improper authentication in Smart Switch prior to version 3.7.69.15 allows remote attackers to bypass authentication.
CVE-2025-21078 — CVSS 8.8 (high): Use of insufficiently random value of secretKey in Smart Switch prior to version 3.7.68.6 allows adjacent attackers to access backup data…
CVE-2025-21064 — CVSS 8.8 (high): Improper authentication in Smart Switch prior to version 3.7.66.6 allows adjacent attackers to access transferring data.
CVE-2025-21062 — CVSS 7.8 (high): Use of a broken or risky cryptographic algorithm in Smart Switch prior to version 3.7.67.2 allows local attackers to replace the restoring…
CVE-2026-20999 — CVSS 7.5 (high): Authentication bypass by replay in Smart Switch prior to version 3.7.69.15 allows remote attackers to trigger privileged functions.
CVE-2025-21061 — CVSS 7.1 (high): Cleartext storage of sensitive information in Smart Switch prior to version 3.7.67.2 allows local attackers to access sensitive data. User…
CVE-2026-21004 — CVSS 6.5 (medium): Improper authentication in Smart Switch prior to version 3.7.69.15 allows adjacent attackers to trigger a denial of service.
CVE-2026-21005 — CVSS 6.5 (medium): Path traversal in Smart Switch prior to version 3.7.69.15 allows adjacent attackers to overwrite arbitrary files with Smart Switch…
CVE-2025-21060 — CVSS 5.5 (medium): Cleartext storage of sensitive information in Smart Switch prior to version 3.7.67.2 allows local attackers to access backup data from…
CVE-2026-20995 — CVSS 5.3 (medium): Exposure of sensitive functionality to an unauthorized actor in Smart Switch prior to version 3.7.69.15 allows remote attackers to set a…
CVE-2026-20996 — CVSS 5.3 (medium): Use of a broken or risky cryptographic algorithm in Smart Switch prior to version 3.7.69.15 allows remote attackers to configure a…
CVE-2025-20996 — CVSS 5.0 (medium): Improper authorization in Smart Switch installed on non-Samsung Device prior to version 3.7.64.10 allows local attackers to read data with…