Out-of-Bounds Write Vulnerability in Samsung Mobile Software
CVE-2025-20979

8.4HIGH

Key Information:

Vendor: Samsung
Status: Libsavscmn
Vendor: CVE Published:; 7 May 2025

What is CVE-2025-20979?

A vulnerability in libsavscmn prior to Android 15 allows local attackers to perform out-of-bounds writes. This flaw can be exploited to execute arbitrary code, posing a significant risk to device integrity and user security. Users are advised to update to the latest version of the software to mitigate potential exploits.

Affected Version(s)

libsavscmn Android 15

References

https://security.samsungmobile.com/serviceWeb.smsb?year=2...

CVSS V3.1

Score:

8.4

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 7, 2025
Vulnerability Reserved
Nov 6, 2024