{"id":40553,"date":"2025-05-19T20:39:39","date_gmt":"2025-05-19T20:39:39","guid":{"rendered":""},"modified":"2025-08-07T11:49:43","modified_gmt":"2025-08-07T17:49:43","slug":"cve-2025-4632-critical-vulnerability-in-samsung-magicinfo-server","status":"publish","type":"post","link":"https:\/\/www.ameeba.com\/blog\/cve-2025-4632-critical-vulnerability-in-samsung-magicinfo-server\/","title":{"rendered":"CVE-2025-4632: Critical Vulnerability in Samsung MagicINFO Server<\/strong>"},"content":{"rendered":"

Overview<\/strong><\/p>\n

The cybersecurity landscape is an ever-evolving beast, with new vulnerabilities surfacing regularly. A recent discovery of note is a severe vulnerability with a CVSS Severity Score of 9.8 in the Samsung MagicINFO 9 Server. This vulnerability, identified as CVE-2025-4632, is of particular concern due to the potential for system<\/a> compromise or significant data leakage. It affects all versions of the server software prior<\/a> to 21.1052, making a substantial number of systems at risk if not patched promptly.
\nThis vulnerability is alarming because it allows attackers to write arbitrary<\/a> files as system authority due to an improper limitation of a pathname to a restricted directory. This means that malicious actors could potentially gain complete control over an affected system<\/a>, leading to the potential for significant harm or disruption to the organization’s operations.<\/p>\n

Vulnerability Summary<\/strong><\/p>\n

CVE ID: CVE-2025-4632
\nSeverity: Critical (9.8 CVSS score)
\nAttack Vector: Network
\nPrivileges Required: None
\nUser Interaction: None
\nImpact: Potential system<\/a> compromise or data leakage<\/p>\n

Affected Products<\/strong><\/p>

\r\n

\r\n \r\n \"Ameeba\r\n <\/a>\r\n A new way to communicate\r\n <\/h2>\r\n\r\n

\r\n Ameeba Chat is built on encrypted identity, not personal profiles.\r\n <\/p>\r\n\r\n

\r\n Message, call, share files, and coordinate with identities kept separate.\r\n <\/p>\r\n\r\n