Out-of-Bounds Write Vulnerability in libimagecodec.quram.so Affects Samsung Products
CVE-2025-21043

8.8HIGH

Key Information:

Vendor: Samsung
Status: Samsung Devices
Vendor: CVE Published:; 12 September 2025

What is CVE-2025-21043?

An out-of-bounds write vulnerability in libimagecodec.quram.so prior to the SMR September 2025 Release 1 allows remote attackers to manipulate memory, potentially leading to arbitrary code execution. This flaw underscores the critical need for maintaining updated software to protect against exploitation.

Affected Version(s)

Samsung Mobile Devices SMR Sep-2025 Release in Android 13, 14, 15, 16

References

https://security.samsungmobile.com/securityUpdate.smsb?ye...

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 12, 2025
Vulnerability Reserved
Nov 6, 2024