Out-of-Bounds Write Vulnerability in libsavscmn for Android Devices by Samsung
CVE-2025-20980

4MEDIUM

Key Information:

Vendor: Samsung
Status: Libsavscmn
Vendor: CVE Published:; 7 May 2025

What is CVE-2025-20980?

An out-of-bounds write vulnerability exists in the libsavscmn library, which affects Android versions prior to 15. This flaw can be exploited by local attackers to cause memory corruption, potentially leading to unauthorized actions or crashes within the affected systems. It underscores the importance of keeping software up-to-date to mitigate such risks.

Affected Version(s)

libsavscmn Android 15

References

https://security.samsungmobile.com/serviceWeb.smsb?year=2...

CVSS V3.1

Score:

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 7, 2025
Vulnerability Reserved
Nov 6, 2024