Cyber Resilience

CVE-2025-52519

High

Published: 05 January 2026

Published
05 January 2026
Modified
30 January 2026
KEV Added
Patch
CVSS Score v3.1 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
EPSS Score 0.0003 7.5th percentile
Risk Priority 14 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-52519 is a high-severity Improper Input Validation (CWE-20) vulnerability in Samsung Exynos 1330 Firmware. Its CVSS base score is 7.1 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Data from Local System (T1005); ranked at the 7.5th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and AC-3 (Access Enforcement).

Deeper analysis

CVE-2025-52519 is a vulnerability discovered in the Camera component of Samsung Mobile Processor and Wearable Processor Exynos 1330, 1380, 1480, 2400, 1580, and 2500. It stems from improper validation of user-space input (CWE-20) in the issimian device driver, enabling information disclosure and denial of service. The issue carries a CVSS v3.1 base score of 7.1 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H) and was published on 2026-01-05.

A local attacker with low privileges can exploit this vulnerability with low complexity and no user interaction required. Successful exploitation allows high-impact confidentiality loss through information disclosure and high-impact availability disruption via denial of service, without affecting integrity or changing scope.

Samsung Semiconductor has issued product security updates addressing this vulnerability, detailed at https://semiconductor.samsung.com/support/quality-support/product-security-updates/ and the dedicated CVE page https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-52519/. Security practitioners should consult these advisories for patch availability and mitigation guidance specific to affected Exynos processors.

EU & UK References

Vulnerability details

An issue was discovered in the Camera in Samsung Mobile Processor and Wearable Processor Exynos 1330, 1380, 1480, 2400, 1580, and 2500. Improper validation of user-space input in the issimian device driver leads to information disclosure and a denial of…

more

service.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1005 Data from Local System Collection
Adversaries may search local system sources, such as file systems, configuration files, local databases, virtual machine files, or process memory, to find files of interest and sensitive data prior to Exfiltration.
T1499.004 Application or System Exploitation Impact
Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.
Why these techniques?

Local kernel driver input validation flaw directly enables unauthorized data reads from the system (info disclosure) and targeted DoS via exploitation of the driver.

Confidence: MEDIUM · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2025-57835Same product: Samsung Exynos 1330
CVE-2025-57834Same product: Samsung Exynos 1330
CVE-2025-62817Same product: Samsung Exynos 1380
CVE-2025-53966Same product: Samsung Exynos 1380
CVE-2025-49495Same product: Samsung Exynos 1380
CVE-2025-62814Same product: Samsung Exynos 1380
CVE-2024-46922Same product: Samsung Exynos 1480
CVE-2025-59440Same product: Samsung Exynos 1330
CVE-2025-58349Same product: Samsung Exynos 1330
CVE-2024-46923Same product: Samsung Exynos 1480

Affected Assets

samsung
exynos 1330 firmware
all versions
samsung
exynos 1380 firmware
all versions
samsung
exynos 1480 firmware
all versions
samsung
exynos 1580 firmware
all versions
samsung
exynos 2400 firmware
all versions
samsung
exynos 2500 firmware
all versions

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly requires validation of user-space inputs to the issimian driver, eliminating the root cause (CWE-20) that enables local information disclosure and DoS.

prevent

Enforces access-control decisions on the device driver so that low-privileged local processes cannot reach the vulnerable input paths.

prevent

Isolates the camera driver process, limiting the blast radius of any successful input-validation bypass to information disclosure or DoS within that process only.

References