CVE-2025-21042
HIGH KEVSamsung Android - Out-of-Bounds Write
Title source: ruleDescription
Out-of-bounds write in libimagecodec.quram.so prior to SMR Apr-2025 Release 1 allows remote attackers to execute arbitrary code.
Exploits (2)
nomisec
WRITEUP
by patricnilackshan · poc
https://github.com/patricnilackshan/Samsung-CVE-2025-21042
References (3)
Scores
CVSS v3
8.8
EPSS
0.0212
EPSS Percentile
84.2%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Details
CISA KEV
2025-11-10
VulnCheck KEV
2025-11-07
ENISA EUVD
EUVD-2025-29029
CWE
CWE-787
Status
published
Products (2)
samsung/android
13.0 (42 CPE variants)
samsung/android
14.0 (8 CPE variants)
Published
Sep 12, 2025
KEV Added
Nov 10, 2025
Tracked Since
Feb 18, 2026