Cyber Resilience

CVE-2025-20916

Medium

Published: 06 March 2025

Published
06 March 2025
Modified
16 July 2025
KEV Added
Patch
CVSS Score v3.1 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
EPSS Score 0.0023 46.1th percentile
Risk Priority 11 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-20916 is a medium-severity Out-of-bounds Read (CWE-125) vulnerability in Samsung Notes. Its CVSS base score is 5.5 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Data from Local System (T1005); ranked at the 46.1th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2025-20916 is an out-of-bounds read vulnerability in the Samsung Notes application, specifically affecting versions prior to 4.4.26.71. The flaw occurs during the reading of an S Pen-related string, allowing attackers to access memory outside the intended bounds, as classified under CWE-125. Published on March 6, 2025, it carries a CVSS v3.1 base score of 5.5 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N), indicating a medium-severity issue with high confidentiality impact but no integrity or availability disruption.

A local attacker with low privileges can exploit this vulnerability without user interaction. By triggering the faulty string read in the S Pen handling code, the attacker gains read access to out-of-bounds memory, potentially exposing sensitive data such as other process memory contents, user information, or application internals.

Samsung's security advisory, available at https://security.samsungmobile.com/serviceWeb.smsb?year=2025&month=03, details the issue and recommends updating Samsung Notes to version 4.4.26.71 or later to mitigate the vulnerability.

EU & UK References

Vulnerability details

Out-of-bounds read in reading string of SPen in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1005 Data from Local System Collection
Adversaries may search local system sources, such as file systems, configuration files, local databases, virtual machine files, or process memory, to find files of interest and sensitive data prior to Exfiltration.
Why these techniques?

The out-of-bounds read in Samsung Notes directly enables unauthorized access to memory contents on the local system, facilitating collection of sensitive data such as process memory or user information.

Confidence: MEDIUM · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2025-20918Same product: Samsung Notes
CVE-2025-20922Same product: Samsung Notes
CVE-2025-20915Same product: Samsung Notes
CVE-2025-20914Same product: Samsung Notes
CVE-2025-20919Same product: Samsung Notes
CVE-2025-20920Same product: Samsung Notes
CVE-2025-20917Same product: Samsung Notes
CVE-2025-20921Same product: Samsung Notes
CVE-2025-20931Same product: Samsung Notes
CVE-2025-20929Same product: Samsung Notes

Affected Assets

samsung
notes
≤ 4.4.26.71

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly mitigates the CVE by requiring identification, reporting, and timely patching of the out-of-bounds read flaw in Samsung Notes via software updates to version 4.4.26.71 or later.

prevent

Implements memory protection mechanisms that prevent unauthorized out-of-bounds memory reads during S Pen string processing, limiting attacker access to sensitive memory contents.

prevent

Requires validation of S Pen-related string inputs to prevent malformed data from triggering the out-of-bounds read vulnerability.

References