CVE-2025-21046: CWE-284 Improper Access Control in Samsung Mobile Samsung Mobile Devices
Improper access control in WindowManager in Samsung DeX prior to SMR Oct-2025 Release 1 allows physical attackers to temporarily access the recent app list.
AI Analysis
Technical Summary
CVE-2025-21046 is a vulnerability categorized under CWE-284 (Improper Access Control) found in the WindowManager component of Samsung DeX on Samsung Mobile Devices prior to the SMR October 2025 Release 1 update. The vulnerability allows an attacker with physical access to the device to bypass access controls and temporarily view the recent app list. This is due to insufficient enforcement of access restrictions within the WindowManager, which manages window and app display states in Samsung DeX, Samsung's desktop-like environment for mobile devices. The flaw does not require any privileges, user interaction, or network access, making it exploitable solely through physical proximity. The CVSS v3.1 score is 2.4, reflecting low severity, primarily because the impact is limited to confidentiality (exposure of recent apps) without affecting integrity or availability. No known exploits have been reported in the wild, and no official patches have been linked yet, though the vulnerability is addressed in the SMR October 2025 Release 1 update. The vulnerability could allow attackers to glean information about recent user activity, which might aid in further targeted attacks or social engineering. However, the temporary nature of access and the requirement for physical presence limit the overall risk.
Potential Impact
For European organizations, the impact of CVE-2025-21046 is primarily related to potential information leakage through exposure of recent app usage on Samsung Mobile Devices using Samsung DeX. This could reveal sensitive operational or personal information, potentially aiding attackers in profiling users or planning subsequent attacks. The vulnerability does not compromise device integrity or availability, so it does not directly threaten system stability or data modification. However, in environments where physical device security is less controlled—such as field operations, conferences, or shared workspaces—this vulnerability could be exploited by insiders or opportunistic attackers. Organizations handling sensitive data or intellectual property on Samsung devices should consider this a privacy risk. The low CVSS score and lack of remote exploitability reduce the overall threat level, but the risk is non-negligible in high-security contexts. The vulnerability may also affect compliance with data protection regulations if sensitive information is exposed due to inadequate device security.
Mitigation Recommendations
1. Apply the SMR October 2025 Release 1 update from Samsung Mobile as soon as it becomes available to remediate the vulnerability.
2. Enforce strict physical security policies to prevent unauthorized physical access to devices, including secure storage and controlled access in sensitive environments.
3. Educate users about the risks of leaving devices unattended, especially when Samsung DeX is active or accessible.
4. Consider disabling Samsung DeX on devices where it is not required or where physical security cannot be guaranteed.
5. Implement device management policies via Mobile Device Management (MDM) solutions to monitor and restrict device features and usage.
6. Regularly audit device configurations and access logs to detect any suspicious physical access or usage patterns.
7. Encourage users to lock their devices promptly and use strong authentication methods to reduce the window of opportunity for physical attackers.
8. For highly sensitive environments, consider additional endpoint security solutions that can detect or prevent unauthorized access to device UI components.
Affected Countries
Germany, United Kingdom, France, Italy, Spain, Netherlands, Sweden
Technical Details
- Data Version: 5.1
- Assigner Short Name: SamsungMobile
- Date Reserved: 2024-11-06T02:30:14.889Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 68e8ab797817465f6ff24918
Added to database: 10/10/2025, 6:45:13 AM
Last enriched: 10/10/2025, 6:46:04 AM
Last updated: 10/11/2025, 12:48:28 PM