Cyber Posture

CVE-2025-59440

High

Published: 06 April 2026

Modified: 07 April 2026
KEV Added: not listed
CVSS Score: 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
EPSS Score: 0.0006 (19.3rd percentile)
Risk Priority: 15 (weighting: 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2025-59440 is a high-severity Uncontrolled Resource Consumption (CWE-400) vulnerability in the USIM component of Samsung Exynos processor and modem firmware (tracked under Samsung Exynos 990 Firmware and the related products listed below). Its CVSS v3.1 base score is 7.5 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Application or System Exploitation (T1499.004). EPSS ranks it at the 19.3rd percentile by exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SC-5 (Denial-of-service Protection) and SI-10 (Information Input Validation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Application or System Exploitation (T1499.004). What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)

Vendor firmware updates (prevent): Directly mitigates the CVE by requiring timely identification, testing, and application of Samsung's firmware updates that remediate the improper handling of SIM card proactive commands.

SC-5 Denial-of-service Protection (prevent): Prevents or limits the effects of the DoS by protecting against resource exhaustion triggered by crafted SIM proactive commands.

SI-10 Information Input Validation (prevent): Addresses the root cause by enforcing validation of SIM card proactive command inputs so that malformed commands are rejected before they can drive uncontrolled resource consumption.

Note that SC-5 and SI-10 are satisfied inside the modem firmware by the vendor, not by device operators; the operator-side action that actually closes this CVE is deploying the firmware update.

MITRE ATT&CK Enterprise Techniques

T1499.004 Application or System Exploitation (tactic: Impact)
Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.

Why this technique?

The vulnerability lets crafted proactive commands trigger resource exhaustion in the modem's USIM handling: a modem DoS delivered through application/system exploitation rather than through volumetric flooding.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

An issue was discovered in USIM in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. Improper handling of SIM card proactive commands leads to a Denial of Service.

Deeper analysis

CVE-2025-59440 is a vulnerability in the Universal Subscriber Identity Module (USIM) handling of Samsung mobile processors, wearable processors, and modems, specifically Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. The issue arises from improper handling of SIM card proactive commands, which can lead to a Denial of Service condition. It is classified under CWE-400 (Uncontrolled Resource Consumption) and carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).

Per the CVSS vector, the vulnerability is exploitable over the network (AV:N) with low attack complexity, without privileges or user interaction. Crafted SIM card proactive commands cause resource exhaustion or disruption in the affected USIM handling, with high availability impact (modem crashes or loss of device connectivity) and no confidentiality or integrity impact. For triage, keep in mind what a proactive command is: a Card Application Toolkit command (ETSI TS 102 223) that the UICC issues to the terminal, so the vulnerable code is the modem's parsing of data that originates on the SIM side; the public description does not detail how an attacker reaches that path.

Samsung Semiconductor has issued product security updates addressing CVE-2025-59440, detailed in their quality support documentation at https://semiconductor.samsung.com/support/quality-support/product-security-updates/ and the dedicated CVE page at https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-59440/. Security practitioners should verify affected devices and apply the recommended firmware or patch updates promptly.

Details

CWE(s)
CWE-400 Uncontrolled Resource Consumption

Affected Products (vendor / product / versions)
samsung / exynos 990 firmware / all versions
samsung / exynos 980 firmware / all versions
samsung / exynos 850 firmware / all versions
samsung / exynos 1080 firmware / all versions
samsung / exynos 1280 firmware / all versions
samsung / exynos 1330 firmware / all versions
samsung / exynos 1380 firmware / all versions
samsung / exynos 1480 firmware / all versions
samsung / exynos 1580 firmware / all versions
samsung / exynos 2100 firmware / all versions
+10 more product configurations (see NVD for the full list)

CVEs Like This One

CVE-2025-58349 (same product: Samsung Exynos 1080)
CVE-2025-54324 (same product: Samsung Exynos 1080)
CVE-2025-57835 (same product: Samsung Exynos 1080)
CVE-2025-59439 (same product: Samsung Exynos 1080)
CVE-2025-43706 (same product: Samsung Exynos 1080)
CVE-2025-57834 (same product: Samsung Exynos 1080)
CVE-2024-52924 (same product: Samsung Exynos 1080)
CVE-2024-52923 (same product: Samsung Exynos 1080)
CVE-2025-54328 (same product: Samsung Exynos 1080)
CVE-2025-62818 (same product: Samsung Exynos 1080)

References

Samsung Semiconductor product security updates: https://semiconductor.samsung.com/support/quality-support/product-security-updates/
Samsung Semiconductor advisory for CVE-2025-59440: https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-59440/