Out-of-Bounds Write Vulnerability in SoftSim TA by Samsung
CVE-2025-20885

6.4MEDIUM

Key Information:

Vendor: Samsung
Status: Samsung Devices
Vendor: CVE Published:; 4 February 2025

Summary

An out-of-bounds write vulnerability in the SoftSim Trusted Application (TA) pre-dating the SMR January 2025 Release 1 can be exploited by local privileged attackers. This weakness may lead to unintended memory corruption, potentially allowing malicious actors to manipulate application behavior or escalate privileges within the affected systems.

Affected Version(s)

Samsung Mobile Devices SMR Jan-2025 Release in Select Android 12, 13, 14 devices

References

https://security.samsungmobile.com/securityUpdate.smsb?ye...

CVSS V3.1

Score:

6.4

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 4, 2025
Vulnerability Reserved
Nov 6, 2024