CVE-2021-25395
Published: 11 June 2021
Summary
CVE-2021-25395 is a medium-severity race condition (CWE-362) in the MFC charger driver on Samsung Android devices. Its CVSS 3.1 base score is 6.4 (Medium).
Operationally, it ranks at the 37.0th percentile by predicted exploit likelihood (below the median), yet CISA has added it to the Known Exploited Vulnerabilities (KEV) catalog, which indicates evidence of exploitation in the wild.
The strongest mitigations our analysis identified are NIST 800-53 CM-14 (Signed Components) and SI-7 (Software, Firmware, and Information Integrity).
Deeper analysis
A race condition, tracked as CVE-2021-25395 and classified as CWE-362, exists in the MFC charger driver on Samsung devices prior to the SMR MAY-2021 Release 1. A local attacker who has already compromised the radio privilege can race the driver's signature check so that it is bypassed. The CVSS 3.1 score of 6.4 reflects high confidentiality, integrity and availability impact, offset by a local attack vector, high attack complexity and high privileges required (AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H).
The practical consequence is that an attacker who has first obtained radio-level privileges can win the race and have the driver act on content that never passed signature verification, potentially allowing unauthorized modification of protected charger-related components or execution of unsigned code in that component's context. The page gives no details of the race window itself, so exploitability in practice depends on timing that the attacker must be able to influence reliably.
Samsung's May 2021 security update (SMR MAY-2021 Release 1) addresses the issue by updating the MFC charger driver. The vulnerability is catalogued in CISA's KEV list, which means CISA has evidence of in-the-wild exploitation, not merely a proof of concept.
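The race described above is a time-of-check/time-of-use (TOCTOU) pattern: a driver verifies a signature on a buffer that another, already-privileged context can still write to, and then uses that same buffer. The following C program is an added illustration written for this page; it is not Samsung's MFC driver code and does not reproduce the real bug. It models the pattern deterministically with a hook (`racer`) that stands in for the attacker's context being scheduled between the check and the use, and uses a keyed toy checksum as a stand-in for the real signature (the key, image layout and function names are all hypothetical). The vulnerable loader can be made to act on an unsigned body; the hardened loader snapshots the image into a private buffer before verifying it and never touches the shared buffer again.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define IMG_LEN 16

/* Stand-in for a signature: a keyed checksum over the image body.
 * A real driver would check a public-key signature; the race is the same. */
static uint32_t toy_mac(const uint8_t *body, size_t len) {
    uint32_t h = 0x5A5A5A5Au;                /* hypothetical fixed key */
    for (size_t i = 0; i < len; i++)
        h = (h * 31u) ^ body[i];
    return h;
}

/* Hypothetical image layout: body plus its "signature". */
struct fw_image {
    uint8_t  body[IMG_LEN];
    uint32_t mac;
};

static bool verify(const struct fw_image *img) {
    return toy_mac(img->body, IMG_LEN) == img->mac;
}

/* Simulates the other (radio-privileged) context getting scheduled
 * between the driver's check and its use of the image. */
typedef void (*preempt_fn)(struct fw_image *shared);

/* Vulnerable pattern: check the shared buffer, then use the shared buffer.
 * Returns the first byte that was actually loaded, or -1 if rejected. */
int load_vulnerable(struct fw_image *shared, preempt_fn racer) {
    if (!verify(shared))
        return -1;                           /* time of check */
    if (racer)
        racer(shared);                       /* attacker runs here */
    return shared->body[0];                  /* time of use: unchecked data */
}

/* Hardened pattern: copy into a buffer the attacker cannot reach,
 * verify the copy, and use only the copy. */
int load_hardened(struct fw_image *shared, preempt_fn racer) {
    struct fw_image priv;
    memcpy(&priv, shared, sizeof priv);      /* snapshot before checking */
    if (!verify(&priv))
        return -1;
    if (racer)
        racer(shared);                       /* too late: we no longer read it */
    return priv.body[0];                     /* use exactly what was verified */
}

/* Attacker's action in the window: replace the body with unsigned data.
 * 0xEE marks the attacker-supplied payload in the results below. */
static void attacker_swap(struct fw_image *shared) {
    memset(shared->body, 0xEE, IMG_LEN);
}

/* Constructed sample: a correctly "signed" image whose body is all 0x11. */
static void make_signed(struct fw_image *img) {
    memset(img->body, 0x11, IMG_LEN);
    img->mac = toy_mac(img->body, IMG_LEN);
}

int demo_vulnerable(void) {
    struct fw_image img;
    make_signed(&img);
    return load_vulnerable(&img, attacker_swap);   /* loads attacker body */
}

int demo_hardened(void) {
    struct fw_image img;
    make_signed(&img);
    return load_hardened(&img, attacker_swap);     /* loads verified body */
}

int demo_tampered_rejected(void) {
    struct fw_image img;
    make_signed(&img);
    img.body[3] ^= 1;                              /* break the signature */
    return load_hardened(&img, NULL);              /* rejected outright */
}

int main(void) {
    printf("vulnerable loader used byte 0x%02x (0xee = unsigned payload)\n",
           demo_vulnerable());
    printf("hardened loader used byte 0x%02x\n", demo_hardened());
    printf("tampered image result: %d (-1 = rejected)\n",
           demo_tampered_rejected());
    return 0;
}
```

The fix is not a stronger signature algorithm; it is removing the window by ensuring the bytes that are verified are the bytes that are used. In a real driver that means copying from any shared or peer-writable memory into kernel-private memory before verification, and treating the shared buffer as untrusted thereafter.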
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2021-12291
Vulnerability details
A race condition in MFC charger driver prior to SMR MAY-2021 Release 1 allows local attackers to bypass signature check given a radio privilege is compromised.
- CWE(s): CWE-362 (Race Condition)
- KEV Date Added: 29 June 2023
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls (NIST 800-53 r5)
- CM-14 (Signed Components): directly requires cryptographic signature verification of components before they are loaded or executed, which is the check the MFC charger driver race condition lets an attacker bypass.
- SI-7 (Software, Firmware, and Information Integrity): mandates integrity verification mechanisms, including signature checks, on firmware and drivers so that unauthorized modification attempts such as this race-condition bypass are detected and blocked.
- A third control (not named on this page) concerns enforcing access-control decisions at the point of use: a properly implemented reference check that verifies the same data it then acts on would have closed the signature bypass even after the radio privilege was compromised.