Out-of-Bounds Write Vulnerability in Samsung's Image Codec Library
CVE-2025-21042

8.8 HIGH

Key Information:

Vendor: Samsung

CVE Published: 12 September 2025

Badges

🔥 Trending now · 📈 Trended · 📈 Score: 1,910 · 💰 Ransomware · 👾 Exploit Exists · 📰 News Worthy

What is CVE-2025-21042?

CVE-2025-21042 is an out-of-bounds write vulnerability in Samsung's Image Codec Library (libimagecodec.quram.so), affecting versions released prior to the April 2025 SMR (Security Maintenance Release). The flaw allows remote attackers to potentially execute arbitrary code, which is a significant concern for organizations using affected Samsung software and devices. Because the Image Codec Library is integrated into many applications that process image data, a compromise could give an attacker access to sensitive information or control over the affected software environment. Organizations that rely on this technology may face severe operational disruption, data-integrity problems, and increased incident-response and remediation costs.

Potential impact of CVE-2025-21042

  1. Remote Code Execution: The most critical impact of CVE-2025-21042 is the potential for remote attackers to execute arbitrary code on affected systems. This can allow attackers to take full control of devices or applications utilizing the vulnerable library, leading to serious security breaches.

  2. Data Compromise: Exploiting this vulnerability can enable attackers to access sensitive data stored within the affected systems, resulting in data breaches that may expose personal, financial, or proprietary information. This can have severe implications for compliance with regulatory frameworks and organizational reputation.

  3. Operational Disruption: Organizations may experience significant operational disruption if attackers exploit this vulnerability. Recovery may require extensive incident response measures, including system downtime, allocation of resources to recovery, and potentially redeployment of affected systems or software. This can lead to financial losses and loss of customer trust.

Affected Version(s)

Samsung Mobile Devices SMR Apr-2025 Release in Android 13, 14, 15

News Articles

LANDFALL spyware exploited Samsung zero-day CVE-2025-21042 in Middle East attacks

A Samsung Galaxy flaw, tracked as CVE-2025-21042, was exploited as a zero-day to deploy LANDFALL spyware in targeted attacks in the Middle East.

17 hours ago

Landfall spyware used in 0-day attacks on Samsung phones

A previously unknown Android spyware family called LANDFALL exploited a zero-day in Samsung Galaxy devices for nearly a year, installing surveillance code capable of recording calls, tracking locations, and...

17 hours ago

Samsung Zero-Click Flaw Exploited to Deploy LANDFALL Android Spyware via WhatsApp

LANDFALL spyware exploited a Samsung Galaxy flaw (CVE-2025-21042) via WhatsApp images before April 2025 patch.

21 hours ago

CVSS V3.1

Score: 8.8
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged

Timeline

  • 📈 Vulnerability started trending

  • 💰 Used in Ransomware

  • 👾 Exploit known to exist

  • 📰 First article discovered by SecurityWeek

  • Vulnerability published

  • Vulnerability Reserved
