CVE-2025-20888
Published: 04 February 2025
Summary
CVE-2025-20888 is a high-severity Out-of-bounds Write (CWE-787) vulnerability in Samsung Android. Its CVSS base score is 7.0 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). It is ranked at the 29.1st percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
- SI-2 (Flaw Remediation): directly mandates identification, reporting, and correction of flaws like this out-of-bounds write through timely patching, as recommended in Samsung's SMR Jan-2025 Release 1 advisory.
- SI-16 (Memory Protection): implements memory safeguards such as DEP and ASLR to protect against arbitrary code execution resulting from the out-of-bounds write.
- Input validation: requires validation of block size inputs to the smp4vtd handler in libsthmbc.so, preventing out-of-bounds writes from malformed or oversized values.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Out-of-bounds write enables local arbitrary code execution with elevated privileges via direct exploitation of the vulnerable library component.
NVD Description
Out-of-bounds write in handling the block size for smp4vtd in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to execute arbitrary code with privilege. User interaction is required for triggering this vulnerability.
Deeper analysis
CVE-2025-20888 is an out-of-bounds write vulnerability in the handling of block size for smp4vtd within libsthmbc.so, affecting versions prior to the SMR Jan-2025 Release 1. This flaw, classified under CWE-787, enables local attackers to execute arbitrary code with elevated privileges. The vulnerability carries a CVSS v3.1 base score of 7.0 (AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H), indicating high confidentiality, integrity, and availability impacts under specific local access conditions.
A local attacker can exploit this vulnerability by triggering the out-of-bounds write, requiring user interaction and high attack complexity but no prior privileges. Successful exploitation allows the attacker to execute arbitrary code with elevated privileges on the affected system.
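The input-validation control listed above and the flaw described in this analysis both come down to one pattern: a block size read from untrusted input is used as a write length without being compared to the space that is actually available. The following C program is an added illustration of that pattern and its fix; it is not code from libsthmbc.so or Samsung, whose internal structures are not public on this page. The decoder struct, the 64-byte output buffer, the 2-byte big-endian length header and the function names are all assumptions made for the example.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Hypothetical decoder state (assumption for this example, not a real
 * libsthmbc.so structure): a fixed output buffer plus a fill pointer. */
#define OUT_BUF_SIZE 64

typedef struct {
    uint8_t out[OUT_BUF_SIZE];
    size_t  out_used;
} decoder_t;

enum { BLOCK_OK = 0, BLOCK_ERR_TRUNCATED = -1, BLOCK_ERR_TOO_LARGE = -2 };

/* The CWE-787 pattern: block_size comes from the input and is used as the
 * copy length without checking the remaining capacity of `out`. Shown only
 * to make the defect concrete; the demo below never calls it. */
void handle_block_unchecked(decoder_t *d, const uint8_t *payload, size_t block_size)
{
    memcpy(d->out + d->out_used, payload, block_size); /* writes past out[] if block_size is too big */
    d->out_used += block_size;
}

/* Hardened handler: block_size must not exceed the input still available
 * (no over-read) nor the output capacity left (no over-write). The second
 * check is written as a subtraction from the bound so it cannot overflow. */
int handle_block_checked(decoder_t *d, const uint8_t *payload, size_t payload_len,
                         size_t block_size)
{
    if (block_size > payload_len)
        return BLOCK_ERR_TRUNCATED;
    if (d->out_used > OUT_BUF_SIZE || block_size > OUT_BUF_SIZE - d->out_used)
        return BLOCK_ERR_TOO_LARGE;
    memcpy(d->out + d->out_used, payload, block_size);
    d->out_used += block_size;
    return BLOCK_OK;
}

/* Parse one constructed record: 2-byte big-endian block size, then the block bytes. */
int process_record(decoder_t *d, const uint8_t *rec, size_t rec_len)
{
    if (rec_len < 2)
        return BLOCK_ERR_TRUNCATED;
    size_t block_size = ((size_t)rec[0] << 8) | rec[1];
    return handle_block_checked(d, rec + 2, rec_len - 2, block_size);
}

/* Constructed inputs exercising the three outcomes. Each returns 1 on the expected result. */
int demo_well_formed(void)
{
    decoder_t d = {{0}, 0};
    const uint8_t rec[] = {0x00, 0x04, 'a', 'b', 'c', 'd'}; /* declares 4 bytes, supplies 4 */
    int rc = process_record(&d, rec, sizeof rec);
    return rc == BLOCK_OK && d.out_used == 4 && memcmp(d.out, "abcd", 4) == 0;
}

int demo_truncated(void)
{
    decoder_t d = {{0}, 0};
    const uint8_t rec[] = {0x10, 0x00, 'x'}; /* declares 4096 bytes, supplies 1 */
    return process_record(&d, rec, sizeof rec) == BLOCK_ERR_TRUNCATED && d.out_used == 0;
}

int demo_oversized(void)
{
    decoder_t d = {{0}, 0};
    /* Declares and actually supplies 65 bytes: one more than the output buffer holds. */
    uint8_t rec[2 + OUT_BUF_SIZE + 1] = {0x00, OUT_BUF_SIZE + 1};
    return process_record(&d, rec, sizeof rec) == BLOCK_ERR_TOO_LARGE && d.out_used == 0;
}

int main(void)
{
    printf("well-formed block accepted: %s\n", demo_well_formed() ? "yes" : "no");
    printf("truncated block rejected:   %s\n", demo_truncated()   ? "yes" : "no");
    printf("oversized block rejected:   %s\n", demo_oversized()   ? "yes" : "no");
    return 0;
}
```

The point of the two checks in handle_block_checked is that the length must be validated against both sides of the copy: the source length guards against an over-read of the input, and the destination capacity guards against the out-of-bounds write that this CVE describes. Writing the capacity test as `block_size > OUT_BUF_SIZE - d->out_used` rather than `d->out_used + block_size > OUT_BUF_SIZE` avoids an integer wrap that would let a huge block size pass the check.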
Samsung's security advisory for the January 2025 updates, available at https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=01, addresses this issue through the SMR Jan-2025 Release 1 patch, recommending users apply the update to mitigate the vulnerability.
Details
- CWE(s)