Samsung Products Multiple Vulnerabilities

Last Update Date: 11 Nov 2025 Release Date: 8 Apr 2025 10245 Views

RISK: Extremely High Risk

TYPE: Operating Systems - Mobile & Apps

Multiple vulnerabilities were identified in Samsung Products. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution, denial of service condition, elevation of privilege, security restriction bypass and sensitive information disclosure and data manipulation on the targeted system.

Note:

There are indications that CVE-2024-53150 and CVE-2024-53197 may be under limited, targeted exploitation.

CVE-2025-21042 is being exploited in the wild. Out-of-bounds write in libimagecodec.quram.so allows remote attackers to trigger arbitrary code execution on the targeted system. Hence, the risk level of this vulnerability is rated as Extremely High Risk.

[Updated on 2025-11-11]

Updated Description, Risk Level and Related Links.

Impact

Denial of Service
Elevation of Privilege
Security Restriction Bypass
Information Disclosure
Data Manipulation
Remote Code Execution

System / Technologies affected

Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400
Galaxy Watch running Android Watch 14
Samsung mobile devices running Android 13, 14, 15

For affected products, please refer to the link below:

https://security.samsungmobile.com/securityUpdate.smsb

https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-22377/