PatchSiren cyber security CVE debrief
CVE-2026-21032 Samsung CVE debrief
CVE-2026-21032 is a medium-severity vulnerability in Samsung Assistant. The vulnerability is caused by improper export of android application components in SmartHomeWidgetReceiver, allowing a local attacker to execute arbitrary script. The CVSS score for this vulnerability is 6.9.
- Vendor
- Samsung
- Product
- Assistant
- CVSS
- MEDIUM 6.9
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-05
- Original CVE updated
- 2026-06-11
- Advisory published
- 2026-06-05
- Advisory updated
- 2026-06-11
Who should care
Users of Samsung Assistant prior to version 9.3.14
Technical summary
The vulnerability is caused by improper export of android application components in SmartHomeWidgetReceiver of Samsung Assistant prior to version 9.3.14. This allows a local attacker to execute arbitrary script.
Defensive priority
MEDIUM
Recommended defensive actions
- Update Samsung Assistant to version 9.3.14 or later
Evidence notes
CVE-2026-21032 details from NVD and CVE.org
Official resources
-
CVE-2026-21032 CVE record
CVE.org
-
CVE-2026-21032 NVD detail
NVD
-
Source item URL
nvd_modified
-
Mitigation or vendor reference
[email protected] - Vendor Advisory
CVE-2026-21032 was published on [2026-06-05T11:16:35.787Z].