← ExploitWatch
HomeExploited Vulnerabilities

CVE-2025-4632 — Actively Exploited: MagicINFO 9 Server (Samsung)

Samsung MagicINFO 9 Server contains a path traversal vulnerability that allows an attacker to write arbitrary file as system authority.

CVE IDCVE-2025-4632
VendorSamsung
ProductMagicINFO 9 Server
Vulnerability nameSamsung MagicINFO 9 Server Path Traversal Vulnerability
Date added2025-05-22
Remediation due2025-06-12
Known ransomware useUnknown
Required actionApply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
DescriptionSamsung MagicINFO 9 Server contains a path traversal vulnerability that allows an attacker to write arbitrary file as system authority.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →