Out-of-Bounds Write Vulnerability in Samsung libaudiosaplus_sec.so Library
CVE-2023-21476

8HIGH

Key Information:

Vendor: Samsung
Status: Samsung Devices
Vendor: CVE Published:; 3 September 2025

What is CVE-2023-21476?

An out-of-bounds write vulnerability exists in the libaudiosaplus_sec.so library prior to the SMR April 2023 Release 1. This flaw enables local attackers to potentially execute arbitrary code, posing significant security risks to affected systems. It is crucial for users and administrators to update their systems to mitigate exploitation risks associated with this vulnerability.

Affected Version(s)

Samsung Mobile Devices SMR Apr-2023 Release in Android 11, 12, 13

References

https://security.samsungmobile.com/securityUpdate.smsb?ye...

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 3, 2025
Vulnerability Reserved
Nov 14, 2022