CVE-2021-25487
HIGH KEVModem Interface Driver <SMR Oct-2021 Release 1 - RCE
Title source: llmExploitation Summary
CVE-2021-25487 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added June 29, 2023.
Description
Lack of boundary checking of a buffer in set_skb_priv() of modem interface driver prior to SMR Oct-2021 Release 1 allows OOB read and it results in arbitrary code execution by dereference of invalid function pointer.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_misc
https://security.samsungmobile.com/securityUpdate.smsb?year=2021&month=10
US Government Resource
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-25487
Scores
CVSS v3
7.3
EPSS
0.0256
EPSS Percentile
85.9%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N
CISA SSVC
Vulnrichment
Exploitation
active
Automatable
no
Technical Impact
total
Details
CISA KEV
2023-06-29
VulnCheck KEV
2021-07-26
InTheWild.io
2021-07-26
ENISA EUVD
EUVD-2021-12383
CWE
CWE-125
Status
published
Products (4)
samsung/android
8.1
samsung/android
9.0 smr-apr-2021-r1 (9 CPE variants)
samsung/android
10.0 smr-apr-2021-r1 (9 CPE variants)
samsung/android
11.0 smr-apr-2021-r1 (9 CPE variants)
Published
Oct 06, 2021
KEV Added
Jun 29, 2023
Tracked Since
Feb 18, 2026