Critical Out-of-Bounds Write Vulnerability in Samsung Android Devices Exploited in the Wild
Summary
Samsung has patched a critical zero-day vulnerability (CVE-2025-21043) in its Android devices, which has been actively exploited in the wild. The flaw, an out-of-bounds write in the libimagecodec.quram.so library, allows for arbitrary code execution. The vulnerability affects Android versions 13, 14, 15, and 16. The issue was privately disclosed to Samsung on August 13, 2025, and a fix was released in the September 2025 security update. The exploit's specifics and the actors behind it remain undisclosed. This development follows Google's recent patching of two other actively exploited Android vulnerabilities.
Timeline
- 12.09.2025 18:16 (1 article)
Samsung patches actively exploited zero-day in Android devices
Samsung has released a fix for a critical zero-day vulnerability (CVE-2025-21043) in its Android devices, which has been exploited in the wild. The flaw, an out-of-bounds write in the libimagecodec.quram.so library, allows for arbitrary code execution. The vulnerability affects Android versions 13, 14, 15, and 16. The issue was privately disclosed to Samsung on August 13, 2025, and a fix was released in the September 2025 security update. The exploit's specifics and the actors behind it remain undisclosed.
Sources:
- Samsung Fixes Critical Zero-Day CVE-2025-21043 Exploited in Android Attacks (thehackernews.com, 12.09.2025 18:16)
Information Snippets
- The vulnerability, CVE-2025-21043, is an out-of-bounds write in libimagecodec.quram.so, a closed-source image parsing library developed by Quramsoft.
  First reported: 12.09.2025 18:16 (1 source, 1 article)
- The flaw allows for arbitrary code execution and affects Android versions 13, 14, 15, and 16.
  First reported: 12.09.2025 18:16 (1 source, 1 article)
- The vulnerability was privately disclosed to Samsung on August 13, 2025.
  First reported: 12.09.2025 18:16 (1 source, 1 article)
- Samsung released a patch for the vulnerability in the September 2025 security update.
  First reported: 12.09.2025 18:16 (1 source, 1 article)
- The exploit has been actively used in targeted attacks, but details on the exploitation methods and actors remain unknown.
  First reported: 12.09.2025 18:16 (1 source, 1 article)
- This disclosure comes shortly after Google patched two other actively exploited Android vulnerabilities (CVE-2025-38352 and CVE-2025-48543).
  First reported: 12.09.2025 18:16 (1 source, 1 article)
Similar Happenings
Apple patches Image I/O zero-day exploited in targeted attacks
Apple has released emergency updates to fix a zero-day vulnerability (CVE-2025-43300) in the Image I/O framework. The flaw, an out-of-bounds write issue, was exploited in "extremely sophisticated" targeted attacks against specific individuals. The vulnerability affects multiple iOS, iPadOS, and macOS versions and devices. Apple has not attributed the discovery to a specific researcher or provided details about the attacks. The flaw is triggered by supplying malicious input, potentially leading to remote code execution. Affected devices include various iPhone, iPad, and Mac models running specific versions of iOS, iPadOS, and macOS. The flaw was discovered internally by Apple and addressed with improved bounds checking. The vulnerability has been exploited as part of highly targeted attacks. Users are advised to install the updates promptly to mitigate potential ongoing attacks.
CERT-FR has reported at least four instances of Apple threat notifications alerting users about mercenary spyware attacks since the beginning of the year. The attacks target individuals based on their status or function, including journalists, lawyers, activists, politicians, and senior officials. Apple has sent threat notifications to users in over 150 countries since 2021.
Apple has backported fixes for the vulnerability to older versions of iOS, iPadOS, and macOS, including iOS 16.7.12, iPadOS 16.7.12, iOS 15.8.5, and iPadOS 15.8.5. The updates also address multiple other security flaws in various Apple products.
The flaw was chained with a WhatsApp zero-click vulnerability (CVE-2025-55177) in targeted attacks. The attacks were described as "extremely sophisticated" by Apple and WhatsApp. Samsung also patched a remote code execution vulnerability chained with the CVE-2025-55177 WhatsApp flaw in zero-day attacks targeting its Android devices.