CVE-2025-21042 - Samsung Mobile Devices Out-of-Bounds Write Vulnerability
Project:Samsung
Product:Mobile Devices
Date Added:2025-11-10Due Date:2025-12-01
Vulnerability Name
Samsung Mobile Devices Out-of-Bounds Write Vulnerability
Description
Samsung mobile devices contain an out-of-bounds write vulnerability in libimagecodec.quram.so. This vulnerability could allow remote attackers to execute arbitrary code.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Additional Notes
https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=04
https://nvd.nist.gov/vuln/detail/CVE-2025-21042
Related News Articles
CISA orders feds to patch Samsung zero-day used in spyware attacksNovember 11, 2025