CVE-2025-27807
Published: 05 January 2026
Summary
CVE-2025-27807 is a critical-severity Out-of-bounds Write (CWE-787) vulnerability in Samsung Exynos 990 Firmware. Its CVSS base score is 9.1 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 22.6th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Requires validation of NAS packet lengths and content to directly prevent out-of-bounds writes from malformed inputs.
Mandates timely identification, reporting, and patching of flaws like the missing length check in Exynos processors and modems.
Implements memory safeguards such as address space randomization or stack canaries to mitigate impacts of out-of-bounds writes.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Remote unauthenticated network exploitation of protocol handler (NAS) via malformed packets directly maps to T1190 for initial access and impact (DoS/data leak).
NVD Description
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 9110, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. The lack of a length…
more
check leads to out-of-bounds writes via malformed NAS packets.
Deeper analysisAI
CVE-2025-27807 is a vulnerability affecting multiple Samsung Exynos mobile processors, wearable processors, and modems, specifically models Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. The flaw arises from a missing length check in handling NAS packets, enabling out-of-bounds writes when processing malformed input. Published on 2026-01-05, it carries a CVSS v3.1 base score of 9.1 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H) and maps to CWE-787 (Out-of-bounds Write).
Remote attackers can exploit this vulnerability over the network without requiring privileges or user interaction. By sending crafted malformed NAS packets to affected devices, adversaries trigger out-of-bounds writes, resulting in high confidentiality and availability impacts, such as potential data leakage or system crashes, while integrity remains unaffected.
Samsung Semiconductor provides product security updates for this issue, with general guidance at https://semiconductor.samsung.com/support/quality-support/product-security-updates/ and CVE-specific details at https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-27807/. Security practitioners should consult these advisories for patch availability and mitigation steps tailored to impacted hardware.
Details
- CWE(s)