Cyber Resilience

CVE-2021-25395

MediumCISA KEVActive ExploitationEUVD Exploited

Published: 11 June 2021

Published
11 June 2021
Modified
30 October 2025
KEV Added
29 June 2023
Patch
CVSS Score v3.1 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0016 37.0th percentile
Risk Priority 33 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2021-25395 is a medium-severity Race Condition (CWE-362) vulnerability in Samsung Android. Its CVSS base score is 6.4 (Medium).

Operationally, ranked at the 37.0th percentile by exploit likelihood (below the median); CISA has added it to the Known Exploited Vulnerabilities catalog.

The strongest mitigations our analysis identified are NIST 800-53 CM-14 (Signed Components) and SI-7 (Software, Firmware, and Information Integrity).

Deeper analysis

A race condition vulnerability, tracked as CVE-2021-25395 and assigned CWE-362, exists in the MFC charger driver on Samsung devices prior to the SMR MAY-2021 Release 1. The flaw permits local attackers to bypass signature verification checks when radio-level privileges have already been obtained, carrying a CVSS 3.1 score of 6.4 that reflects high impact on confidentiality, integrity, and availability under local attack conditions with high complexity and high privileges required.

An attacker who has first compromised radio privileges can leverage the race condition to bypass signature enforcement, potentially allowing unauthorized code execution or modification of protected charger-related components on the affected device.

Samsung's May 2021 security updates address the issue by updating the MFC charger driver, and the vulnerability is catalogued by CISA among known exploited vulnerabilities, indicating confirmed in-the-wild exploitation activity.

EU & UK References

Vulnerability details

A race condition in MFC charger driver prior to SMR MAY-2021 Release 1 allows local attackers to bypass signature check given a radio privilege is compromised.

CWE(s)
KEV Date Added
29 June 2023

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

samsung
android
10.0, 11.0, 8.1, 9.0

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly requires cryptographic signature verification of components before loading or execution, which the MFC charger driver race condition was designed to bypass.

preventdetect

Mandates integrity verification mechanisms (including signature checks) on firmware and drivers to detect and block unauthorized modification attempts such as this race-condition bypass.

prevent

Enforces access-control decisions at the point of use; a properly implemented reference check would have prevented the signature bypass even after radio privilege compromise.

References