Out-of-Bounds Write Vulnerability in KnoxVault Trustlet by Samsung
CVE-2025-20983

6.4MEDIUM

Key Information:

Vendor: Samsung
Status: Samsung Devices
Vendor: CVE Published:; 8 July 2025

What is CVE-2025-20983?

An out-of-bounds write vulnerability has been identified in the KnoxVault trustlet, which could allow local attackers with privileged access to write beyond the intended memory boundaries. This flaw exists in the authentication secret handling prior to the SMR July 2025 Release 1, potentially exposing affected devices to further security risks or exploitation. Maintaining up-to-date security patches is crucial for safeguarding your Samsung device against such vulnerabilities.

Affected Version(s)

Samsung Mobile Devices SMR Jul-2025 Release in Android 14, 15

References

https://security.samsungmobile.com/securityUpdate.smsb?ye...

CVSS V3.1

Score:

6.4

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 8, 2025
Vulnerability Reserved
Nov 6, 2024