MagicINFO 9 Server has default permissions that can be exploited

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

7.8

MagicINFO 9 Server has default permissions that can be exploited

CVE-2026-25203

Summary

The MagicINFO 9 Server has a default permission setting that could allow an attacker to gain elevated access to the system. This means that an unauthorized user could potentially get access to sensitive information or make changes to the system. To protect against this, update to version 21.1091.1 or later.

Original title

Samsung MagicINFO 9 Server Incorrect Default Permissions Local Privilege Escalation Vulnerability This issue affects MagicINFO 9 Server: less than 21.1091.1.

Original description

Samsung MagicINFO 9 Server Incorrect Default Permissions Local Privilege Escalation Vulnerability

This issue affects MagicINFO 9 Server: less than 21.1091.1.

nvd CVSS3.1 7.8

Vulnerability type

CWE-276 Incorrect Default Permissions

https://security.samsungtv.com/securityUpdates

Published: 10 Apr 2026 · Updated: 10 Apr 2026 · First seen: 10 Apr 2026