Cyber Resilience

CVE-2025-27807

Critical

Published: 05 January 2026

Published
05 January 2026
Modified
09 January 2026
KEV Added
Patch
CVSS Score v3.1 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
EPSS Score 0.0031 23.0th percentile
Risk Priority 70 floored blend · peak EPSS

Summary

CVE-2025-27807 is a critical-severity Out-of-bounds Write (CWE-787) vulnerability in Samsung Exynos 990 Firmware. Its CVSS base score is 9.1 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 23.0th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2025-27807 is a vulnerability affecting multiple Samsung Exynos mobile processors, wearable processors, and modems, specifically models Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. The flaw arises from a missing length check in handling NAS packets, enabling out-of-bounds writes when processing malformed input. Published on 2026-01-05, it carries a CVSS v3.1 base score of 9.1 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H) and maps to CWE-787 (Out-of-bounds Write).

Remote attackers can exploit this vulnerability over the network without requiring privileges or user interaction. By sending crafted malformed NAS packets to affected devices, adversaries trigger out-of-bounds writes, resulting in high confidentiality and availability impacts, such as potential data leakage or system crashes, while integrity remains unaffected.

Samsung Semiconductor provides product security updates for this issue, with general guidance at https://semiconductor.samsung.com/support/quality-support/product-security-updates/ and CVE-specific details at https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-27807/. Security practitioners should consult these advisories for patch availability and mitigation steps tailored to impacted hardware.

EU & UK References

Vulnerability details

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 9110, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. The lack of a length…

more

check leads to out-of-bounds writes via malformed NAS packets.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

Remote unauthenticated network exploitation of protocol handler (NAS) via malformed packets directly maps to T1190 for initial access and impact (DoS/data leak).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2025-62818Same product: Samsung Exynos 1080
CVE-2025-52909Same product: Samsung Exynos 1280
CVE-2025-54324Same product: Samsung Exynos 1080
CVE-2025-58349Same product: Samsung Exynos 1080
CVE-2025-54328Same product: Samsung Exynos 1080
CVE-2025-57835Same product: Samsung Exynos 1080
CVE-2025-59440Same product: Samsung Exynos 1080
CVE-2025-57834Same product: Samsung Exynos 1080
CVE-2024-52923Same product: Samsung Exynos 1080
CVE-2024-52924Same product: Samsung Exynos 1080

Affected Assets

samsung
exynos 990 firmware
all versions
samsung
exynos 980 firmware
all versions
samsung
exynos 850 firmware
all versions
samsung
exynos 1080 firmware
all versions
samsung
exynos 2100 firmware
all versions
samsung
exynos 1280 firmware
all versions
samsung
exynos 2200 firmware
all versions
samsung
exynos 1330 firmware
all versions
samsung
exynos 1380 firmware
all versions
samsung
exynos 1480 firmware
all versions
+9 more product configuration(s) — see NVD for full list

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Requires validation of NAS packet lengths and content to directly prevent out-of-bounds writes from malformed inputs.

prevent

Mandates timely identification, reporting, and patching of flaws like the missing length check in Exynos processors and modems.

prevent

Implements memory safeguards such as address space randomization or stack canaries to mitigate impacts of out-of-bounds writes.

References