CVE-2025-21043 - Samsung Mobile Devices Out-of-Bounds Write Vulnerability

Vulnerability Name

Samsung Mobile Devices Out-of-Bounds Write Vulnerability

Description

Samsung mobile devices contain an out-of-bounds write vulnerability in libimagecodec.quram.so which allows remote attackers to execute arbitrary code.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Additional Notes

https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=09

https://nvd.nist.gov/vuln/detail/CVE-2025-21043

Related News Articles

CISA: Patch Samsung flaw exploited to deliver spyware (CVE-2025-21042)November 11, 2025

CISA orders feds to patch Samsung zero-day used in spyware attacksNovember 11, 2025

Samsung Mobile Flaw Exploited as Zero-Day to Deploy LANDFALL Android SpywareNovember 8, 2025

New LandFall spyware exploited Samsung zero-day via WhatsApp messagesNovember 8, 2025

CISA Flags Meteobridge CVE-2025-4008 Flaw as Actively Exploited in the WildOctober 3, 2025