Open Redirect Bypass in Samsung Account (CVE‑2025‑58487) Threatens Galaxy S25 Devices
What It Is – A medium‑severity (CVSS 5.6) open‑redirect flaw in the Samsung Account app on the Galaxy S25 allows an unauthenticated remote attacker to redirect users to a malicious URL and trigger arbitrary exported Android activities.
Exploitability – No authentication required; a proof‑of‑concept was demonstrated during Pwn2Own. No public exploit kits have been observed yet, but the vulnerability is actively exploitable in the wild.
Affected Products – Samsung Galaxy S25 smartphones (Samsung Account application).
TPRM Impact – Organizations that provision Samsung S25 devices to employees, contractors, or customers face a supply‑chain risk: malicious redirects can install unwanted apps, exfiltrate data, or serve as a foothold for broader attacks on corporate networks.
Recommended Actions –
1️⃣ Deploy Samsung’s December 2025 security update immediately.
2️⃣ Verify that the update is installed on all managed S25 devices via MDM.
3️⃣ Enforce strict URL‑allow‑list policies on mobile browsers and email clients.
4️⃣ Monitor network traffic for unexpected redirects or activity launches from the Samsung Account app.
5️⃣ Review third‑party app vetting processes to block unauthorized exported activities.
Source: Zero Day Initiative advisory
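The flaw described above is an open redirect, and action 3 asks for allow‑list enforcement. The check below is an added illustration written for this page, not code from Samsung, from the Samsung Account app or from the ZDI advisory; it shows how a redirect handler should validate a user‑supplied redirect parameter before following it: only HTTPS targets on an allow‑listed host (or same‑origin relative paths) are accepted, and custom schemes such as intent:// or javascript:, credential‑in‑authority tricks and backslash/protocol‑relative confusion are rejected. The host names, the example.com domains and the function names are assumptions.

```python
from urllib.parse import urlsplit

# Assumed allow-list of hosts a redirect may target (constructed for this example).
DEFAULT_HOST = "account.example.com"
ALLOWED_HOSTS = {"account.example.com", "www.example.com"}


def resolve_redirect(target, allowed_hosts=ALLOWED_HOSTS, default_host=DEFAULT_HOST):
    """Return an absolute https URL that is safe to redirect to, or None to reject.

    Rejecting (rather than "fixing") a bad target keeps the decision simple and
    auditable: the caller falls back to a fixed landing page on None.
    """
    if not isinstance(target, str) or not target or len(target) > 2048:
        return None
    # Control characters, whitespace and backslashes are classic parser-confusion
    # tricks ("/\\evil.example" is read as "//evil.example" by some browsers,
    # "java\tscript:" survives naive scheme filters), so refuse them outright.
    if any(ord(c) < 0x21 or c == "\x7f" for c in target) or "\\" in target:
        return None
    try:
        parts = urlsplit(target)
        host, port = parts.hostname, parts.port   # .port raises on "host:abc"
    except ValueError:
        return None

    if parts.scheme == "" and parts.netloc == "":
        # Same-origin relative path: must start with exactly one slash.
        # ("//evil.example/..." has a netloc and never reaches this branch.)
        if not target.startswith("/") or target.startswith("//"):
            return None
        return "https://" + default_host + target

    # Any non-https scheme is refused: http, intent, javascript, content, file...
    # An intent:// URL in particular is how a redirect can reach exported
    # Android activities, which is the behaviour this check is meant to block.
    if parts.scheme != "https":
        return None
    if host is None or host not in allowed_hosts:
        return None
    # "https://account.example.com@evil.example/" puts the trusted name in the
    # userinfo part; "https://evil@account.example.com/" is merely suspicious.
    if parts.username is not None or parts.password is not None:
        return None
    if port not in (None, 443):
        return None
    return target


def classify(targets):
    """Map each candidate redirect to 'allow' or 'reject' (used for a quick report)."""
    return {t: ("allow" if resolve_redirect(t) is not None else "reject") for t in targets}


if __name__ == "__main__":
    # Constructed sample redirect parameters, as a reviewer might see them in logs.
    samples = [
        "/settings?x=1",
        "https://www.example.com/profile",
        "//evil.example/",
        "https://account.example.com.evil.example/",
        "intent://scan/#Intent;scheme=zxing;end",
        "javascript:alert(1)",
        "https://account.example.com@evil.example/",
        "/\\evil.example",
        "https://account.example.com:8443/",
    ]
    for target, verdict in classify(samples).items():
        print(f"{verdict:6}  {target}")
```

The relative‑path branch deliberately rebuilds the URL on a fixed host rather than echoing the input, so even a path the checker accepts can only land on the site's own origin; everything else must name an allow‑listed host over HTTPS on the default port.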