CVE-2025-21043
Published: 12 September 2025
Summary
CVE-2025-21043 is a high-severity Out-of-bounds Write (CWE-787) vulnerability in Samsung Android. Its CVSS base score is 8.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Client Execution (T1203); ranked in the top 10.2% of CVEs by exploit likelihood; CISA has added it to the Known Exploited Vulnerabilities catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).
Deeper analysis
CVE-2025-21043 is an out-of-bounds write vulnerability in libimagecodec.quram.so prior to SMR Sep-2025 Release 1. The flaw is tracked under CWE-787 and carries a CVSS 3.1 score of 8.8, reflecting a network-accessible issue that requires no privileges but does involve user interaction.
Remote attackers can exploit the weakness to execute arbitrary code on affected Samsung devices, with the attack vector, lack of required authentication, and high impact on confidentiality, integrity, and availability all confirmed by the CVSS vector string.
Samsung’s September 2025 security maintenance release addresses the issue, and the vulnerability appears in CISA’s known exploited vulnerabilities catalog, indicating confirmed in-the-wild use.
EPSS for the CVE rose from a low baseline to a peak of 0.1144 on 2025-12-11 before receding to the current value of 0.0491, demonstrating a clear post-disclosure increase in exploitation interest.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-29028
Vulnerability details
Out-of-bounds write in libimagecodec.quram.so prior to SMR Sep-2025 Release 1 allows remote attackers to execute arbitrary code.
- CWE(s)
- KEV Date Added
- 02 October 2025
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Out-of-bounds write in image codec library enables arbitrary code execution via malicious image file opened by user (client-side exploitation).
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly mandates identification, reporting, and correction of flaws like the out-of-bounds write in libimagecodec.quram.so through timely patching as specified in Samsung's SMR Sep-2025 Release 1 and CISA KEV catalog.
Implements memory protection safeguards such as address space layout randomization and non-executable memory to mitigate arbitrary code execution from out-of-bounds writes in the image codec library.
Requires validation of image file inputs to block malformed data that could trigger the out-of-bounds write vulnerability during processing by libimagecodec.quram.so.