CISA Warns of Samsung Mobile Devices 0-Day RCE Vulnerability Exploited in Attacks

Posted on By CWS

CISA has added a vital zero-day vulnerability affecting Samsung cellular units to its Identified Exploited Vulnerabilities catalog. Warning that menace actors are actively exploiting the flaw in real-world assaults.

The vulnerability, tracked as CVE-2025-21042, is an out-of-bounds write vulnerability within the libimagecodec.quram.so library on Samsung cellular units.

This safety flaw permits distant attackers to execute arbitrary code on susceptible units with out consumer interplay, making it notably harmful and liable to widespread exploitation.

Samsung 0-Day RCE Vulnerability Exploited

The vulnerability is assessed below CWE-787, which represents out-of-bounds write flaws that may result in reminiscence corruption and unauthorized code execution.

The CISA researchers have confirmed that attackers are leveraging this zero-day to compromise Samsung smartphones. Nevertheless, particular particulars in regards to the assault campaigns stay restricted.

CISA’s choice so as to add CVE-2025-21042 to the KEV catalog on November 10, 2025, alerts that federal companies have confirmed lively exploitation makes an attempt focusing on this vulnerability.

Whereas it stays unknown whether or not the flaw has been weaponized in ransomware campaigns, the distant code execution functionality poses important dangers to each particular person customers and enterprise environments.

CVE IDDescriptionImpactCWECVE-2025-21042Out-of-Bounds Write Vulnerability in libimagecodec.quram.soRemote Code Execution (RCE)CWE-787

Exploiting the vulnerability may allow attackers to achieve full management of affected units, doubtlessly resulting in knowledge theft, surveillance, or using compromised smartphones as entry factors into company networks.

Federal companies should apply safety patches and mitigations by December 1, 2025, based on CISA’s Binding Operational Directive 22-01.

Samsung customers throughout all sectors ought to instantly verify for out there safety updates and set up them directly.

Organizations that can’t instantly patch susceptible units ought to implement compensating controls or think about discontinuing use till fixes turn into out there.

Samsung’s September 2025 patch for CVE-2025-21043 addressed a associated zero-day in the identical library

Customers ought to stay vigilant and solely obtain purposes from trusted sources whereas monitoring their units for suspicious exercise.

Observe us on Google Information, LinkedIn, and X for day by day cybersecurity updates. Contact us to characteristic your tales.

Cyber Security News Tags:, , , , , , , , ,

Related Posts

Cybersecurity Newsletter Weekly Recap – UK Hacker Bust to BMW Data Leak Cyber Security News
New ClickFix Attack Uses Fake BBC News Page and Fraudulent Cloudflare Verification to Trick Users Cyber Security News
Why Real-Time Threat Intelligence Is Critical for Modern SOCs Cyber Security News
Microsoft Defender XDR New Advanced Hunting Tables for Email and Cloud Protections Cyber Security News
Louis Vuitton Hacked – Attackers Stolen Customers Personal Data Cyber Security News
Threat Actors Abuse Proofpoint’s and Intermedia’s Link Wrapping Features to Hide Phishing Payloads Cyber Security News