CVE-2025-62818
Published: 07 April 2026
Summary
CVE-2025-62818 is a critical-severity Out-of-bounds Write (CWE-787) vulnerability in Samsung Exynos 990 Firmware. Its CVSS base score is 9.8 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 17.5th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Directly prevents out-of-bounds writes by validating TP-UDHI and UDL values in SMS TP-UD packets to ensure consistency with expected format.
Ensures timely identification, reporting, and patching of the specific out-of-bounds write flaw in affected Samsung processors and modems.
Mitigates exploitation consequences of the out-of-bounds write through memory isolation and protection mechanisms like bounds checking or execution restrictions.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Direct remote unauthenticated RCE via crafted SMS packet to modem/processor (public network service).
NVD Description
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. An out-of-bounds write…
more
occurs due to a mismatch between the TP-UDHI and UDL values when processing an SMS TP-UD packet.
Deeper analysisAI
CVE-2025-62818 is a high-severity vulnerability affecting multiple Samsung processors and modems, including Mobile Processor and Wearable Processor Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, 9110, W920, W930, W1000, as well as Modem 5123, 5300, and 5400. The issue stems from an out-of-bounds write (CWE-787) triggered by a mismatch between the TP-UDHI and UDL values during processing of an SMS TP-UD packet. It carries a CVSS v3.1 base score of 9.8, indicating critical risk due to its network accessibility, low attack complexity, and lack of required privileges or user interaction.
Attackers can exploit this vulnerability remotely over the network by sending a specially crafted SMS message to a targeted device. No authentication or physical access is needed, enabling unauthenticated remote exploitation. Successful exploitation leads to high-impact consequences, including arbitrary code execution, data corruption, or device denial of service through the out-of-bounds write, compromising confidentiality, integrity, and availability.
Samsung has addressed this vulnerability through product security updates detailed on their semiconductor support pages, including a dedicated CVE advisory at https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-62818/ and the general updates portal at https://semiconductor.samsung.com/support/quality-support/product-security-updates/. Security practitioners should verify affected devices and apply the latest firmware or processor patches promptly.
Details
- CWE(s)