Buffer Overflow Issue in Samsung Exynos Mobile Processors
CVE-2025-53966

8.4HIGH

Key Information:

Vendor

Samsung
Status
Exynos Mobile Processors
Vendor
CVE Published:
5 January 2026

What is CVE-2025-53966?

A critical issue has been identified in Samsung's Exynos Mobile Processors, specifically the Exynos 1380, 1480, 2400, and 1580 models. This vulnerability arises from improper handling of the NL80211 vendor command, resulting in a buffer overflow when processing an IOCTL message. This could potentially allow unauthorized access or manipulation of system memory, impacting the integrity and security of the device. Users should remain vigilant and apply necessary updates to mitigate risks associated with this vulnerability.

References

https://semiconductor.samsung.com/support/quality-support...
https://semiconductor.samsung.com/support/quality-support...

CVSS V3.1

Score:
8.4
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.