{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-25202", "assignerOrgId": "ca193ba2-0cff-4e34-b04e-1ea07103c6fe", "state": "PUBLISHED", "assignerShortName": "samsung.tv_appliance", "dateReserved": "2026-01-30T06:07:11.090Z", "datePublished": "2026-02-02T04:49:53.680Z", "dateUpdated": "2026-02-26T15:04:39.986Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "MagicINFO 9 Server", "vendor": "Samsung Electronics", "versions": [{"status": "affected", "version": "21.1090.1"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">The database account and password are hardcoded, allowing login with the account to manipulate the database in MagicInfo9 Server.</span><p>This issue affects MagicINFO 9 Server: less than 21.1090.1.</p>"}], "value": "The database account and password are hardcoded, allowing login with the account to manipulate the database in MagicInfo9 Server.This issue affects MagicINFO 9 Server: less than 21.1090.1."}], "impacts": [{"capecId": "CAPEC-203", "descriptions": [{"lang": "en", "value": "CAPEC-203 Manipulate Registry Information"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-798", "description": "CWE-798 Use of Hard-coded Credentials", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "ca193ba2-0cff-4e34-b04e-1ea07103c6fe", "shortName": "samsung.tv_appliance", "dateUpdated": "2026-02-02T04:49:53.680Z"}, "references": [{"url": "https://security.samsungtv.com/securityUpdates"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 0.5.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-25202", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-02-03T04:55:43.219952Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-26T15:04:39.986Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-25202", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-02-02T17:52:12.626895Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-02T17:52:19.504Z"}}], "cna": {"source": {"discovery": "UNKNOWN"}, "impacts": [{"capecId": "CAPEC-203", "descriptions": [{"lang": "en", "value": "CAPEC-203 Manipulate Registry Information"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Samsung Electronics", "product": "MagicINFO 9 Server", "versions": [{"status": "affected", "version": "21.1090.1"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://security.samsungtv.com/securityUpdates"}], "x_generator": {"engine": "Vulnogram 0.5.0"}, "descriptions": [{"lang": "en", "value": "The database account and password are hardcoded, allowing login with the account to manipulate the database in MagicInfo9 Server.This issue affects MagicINFO 9 Server: less than 21.1090.1.", "supportingMedia": [{"type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">The database account and password are hardcoded, allowing login with the account to manipulate the database in MagicInfo9 Server.</span><p>This issue affects MagicINFO 9 Server: less than 21.1090.1.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-798", "description": "CWE-798 Use of Hard-coded Credentials"}]}], "providerMetadata": {"orgId": "ca193ba2-0cff-4e34-b04e-1ea07103c6fe", "shortName": "samsung.tv_appliance", "dateUpdated": "2026-02-02T04:49:53.680Z"}}}, "cveMetadata": {"cveId": "CVE-2026-25202", "state": "PUBLISHED", "dateUpdated": "2026-02-02T17:52:24.436Z", "dateReserved": "2026-01-30T06:07:11.090Z", "assignerOrgId": "ca193ba2-0cff-4e34-b04e-1ea07103c6fe", "datePublished": "2026-02-02T04:49:53.680Z", "assignerShortName": "samsung.tv_appliance"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:samsung:magicinfo_9_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "72138C44-D3F0-4373-967F-831861E19195", "versionEndExcluding": "21.1090.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The database account and password are hardcoded, allowing login with the account to manipulate the database in MagicInfo9 Server.This issue affects MagicINFO 9 Server: less than 21.1090.1."}, {"lang": "es", "value": "La cuenta y la contrase\u00f1a de la base de datos est\u00e1n codificadas de forma r\u00edgida, permitiendo el inicio de sesi\u00f3n con la cuenta para manipular la base de datos en el servidor MagicInfo9. Este problema afecta a MagicINFO 9 Server: versiones inferiores a 21.1090.1."}], "id": "CVE-2026-25202", "lastModified": "2026-03-10T18:44:22.143", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "PSIRT@samsung.com", "type": "Secondary"}]}, "published": "2026-02-02T05:16:07.280", "references": [{"source": "PSIRT@samsung.com", "tags": ["Vendor Advisory"], "url": "https://security.samsungtv.com/securityUpdates"}], "sourceIdentifier": "PSIRT@samsung.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-798"}], "source": "PSIRT@samsung.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-18T14:19:33.627812+00:00", "value": {"mitigation_remediation": ["Apply Samsung's published security update, upgrading to version 21.1090.1 or later.", "After patching, verify that configuration files no longer contain hardcoded credentials and remove any retained privileged accounts.", "Restrict network exposure of the MagicINFO 9 Server by placing it behind a firewall or VPN, limiting access to trusted administrators only, and enable audit logging to detect unauthorized attempts."], "summary": {"action": "Immediate Patch", "impact": "Unauthorized database access and modification"}, "threat_synthesis": {"affected_systems": "The affected product is Samsung Electronics MagicINFO 9 Server. All versions older than 21.1090.1 contain the hardcoded credentials and are therefore vulnerable.", "description_and_impact": "The vulnerability originates from hardcoded database credentials embedded in MagicINFO 9 Server, allowing an authenticated user to log in with a privileged account and manipulate the underlying database. This flaw enables an attacker to read, alter, or delete data, potentially leading to loss of confidentiality, integrity, and availability. The weakness aligns with CWE-798, reflecting the use of fixed credentials that compromise authentication security.", "risk_and_exploitability": "The CVSS score of 9.8 indicates a high severity risk. Although the EPSS score is reported as less than 1%, suggesting low current exploitation probability, the vulnerability is not listed in the CISA KEV catalog. Based on the description, it is inferred that an attacker who can reach the server's login interface could exploit the hardcoded credentials to gain administrative database access. No explicit evidence indicates remote unauthenticated exploitation; the primary attack vector appears to be local or remote login by an authenticated user."}}}}, "created": "2026-02-02T09:26:13.830646+00:00", "title": "Hardcoded Database Credentials in MagicINFO 9 Server Allow Remote Administrative Access", "updated": "2026-04-18T14:30:02.939154+00:00", "vendors": ["samsung_electronics", "samsung_electronics$PRODUCT$magicinfo_9_server"]}