{"id":6608,"date":"2025-09-13T06:16:56","date_gmt":"2025-09-13T06:16:56","guid":{"rendered":"https:\/\/techtrendfeed.com\/?p=6608"},"modified":"2025-09-13T06:16:56","modified_gmt":"2025-09-13T06:16:56","slug":"samsung-fixes-vital-zero-day-cve-2025-21043-exploited-in-android-assaults","status":"publish","type":"post","link":"https:\/\/techtrendfeed.com\/?p=6608","title":{"rendered":"Samsung Fixes Vital Zero-Day CVE-2025-21043 Exploited in Android Assaults"},"content":{"rendered":"<p> <br \/>\n<\/p>\n<div>\n<p><span class=\"p-author\"><i class=\"icon-font icon-calendar\">\ue802<\/i><span class=\"author\">Sep 12, 2025<\/span><i class=\"icon-font icon-user\">\ue804<\/i><span class=\"author\">Ravie Lakshmanan<\/span><\/span><span class=\"p-tags\">Vulnerability \/ Cell Safety<\/span><\/p>\n<\/div>\n<div id=\"articlebody\">\n<div class=\"separator\" style=\"clear: both;\"><a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiQbDj_kBGmfSCWIDEGU5fEAMLEUb8wxyX1na5DxoFQF33Bqi9j7UegDoUizpaaleYdmXDP7K4R6p0qjU7ziXTYKa2qoNqKpEVaIz4AklFtXQKqI0qGSnhg2q0IX1debl4jucbSj52LwAXNUjqvAN3o17LJVOM1P8sXu1SZcPxtK4xPioQ73ryPNne7n8dZ\/s728-rw-e365\/samsung.jpg\" style=\"display: block;  text-align: center; clear: left; float: left;\"><img decoding=\"async\" src=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiQbDj_kBGmfSCWIDEGU5fEAMLEUb8wxyX1na5DxoFQF33Bqi9j7UegDoUizpaaleYdmXDP7K4R6p0qjU7ziXTYKa2qoNqKpEVaIz4AklFtXQKqI0qGSnhg2q0IX1debl4jucbSj52LwAXNUjqvAN3o17LJVOM1P8sXu1SZcPxtK4xPioQ73ryPNne7n8dZ\/s728-rw-e365\/samsung.jpg\" alt=\"\" border=\"0\" data-original-height=\"380\" data-original-width=\"728\"\/><\/a><\/div>\n<p>Samsung has launched its month-to-month safety updates for Android, together with a repair for a safety vulnerability that it mentioned has been exploited in zero-day assaults.<\/p>\n<p>The vulnerability, <strong><a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/www.cve.org\/CVERecord?id=CVE-2025-21043\" rel=\"noopener\" target=\"_blank\">CVE-2025-21043<\/a><\/strong> (CVSS rating: 8.8), issues an out-of-bounds write that would lead to arbitrary code execution.<\/p>\n<p>&#8220;Out-of-bounds Write in libimagecodec.quram.so previous to SMR Sep-2025 Launch 1 permits distant attackers to execute arbitrary code,&#8221; Samsung <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/security.samsungmobile.com\/securityUpdate.smsb\" rel=\"noopener\" target=\"_blank\">mentioned<\/a> in an advisory. &#8220;The patch fastened the inaccurate implementation.&#8221;<\/p>\n<p>In response to a <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/googleprojectzero.blogspot.com\/2020\/07\/mms-exploit-part-1-introduction-to-qmage.html\" rel=\"noopener\" target=\"_blank\">2020 report<\/a> from Google Mission Zero, libimagecodec.quram.so is a closed-source picture parsing library developed by Quramsoft that implements help for varied picture codecs.<\/p>\n<div class=\"dog_two clear\"><center class=\"cf\"><a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/thehackernews.uk\/audit-beyond-2025-2\" rel=\"nofollow noopener sponsored\" target=\"_blank\"><img loading=\"lazy\" decoding=\"async\" class=\"lazyload\" alt=\"Audit and Beyond\" src=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiMKYFpKHK38cJ6SV4gpR-nd5G3sVf_qoGE-VrZeYqcEwnN46VKdnWTENyGAEC5Mam9_LzamDzjJHuEJJ0riUhyKWNsw4VpP2XxaVZZ7O2FGvdXlegDgJFrLQwmf_vvpjp8Dt2svM2cIcHqRxfyTuDfeEjIrt7m-T0U0GUdp6FwC_g-lPLIn7l2CNEcBUCV\/s728-e100\/audit-d.png\" width=\"728\" height=\"91\"\/><\/a><\/center><\/div>\n<p>The critical-rated difficulty, per the South Korean electronics big, impacts Android variations 13, 14, 15, and 16. The vulnerability was privately disclosed to the corporate on August 13, 2025.<\/p>\n<p>Samsung didn&#8217;t share any specifics on how the vulnerability is being exploited in assaults and who could also be behind these efforts. Nevertheless, it acknowledged that &#8220;an exploit for this difficulty has existed within the wild.&#8221;<\/p>\n<p>The event comes shortly after Google <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/thehackernews.com\/2025\/09\/android-security-alert-google-patches.html\" rel=\"noopener\" target=\"_blank\">mentioned<\/a> it resolved two safety flaws in Android (CVE-2025-38352 and CVE-2025-48543) that it mentioned have been exploited in focused assaults.<\/p>\n<\/div>\n\n","protected":false},"excerpt":{"rendered":"<p>\ue802Sep 12, 2025\ue804Ravie LakshmananVulnerability \/ Cell Safety Samsung has launched its month-to-month safety updates for Android, together with a repair for a safety vulnerability that it mentioned has been exploited in zero-day assaults. The vulnerability, CVE-2025-21043 (CVSS rating: 8.8), issues an out-of-bounds write that would lead to arbitrary code execution. &#8220;Out-of-bounds Write in libimagecodec.quram.so previous [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":6610,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[58],"tags":[797,145,420,5321,1994,1904,2490,4218],"class_list":["post-6608","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-android","tag-attacks","tag-critical","tag-cve202521043","tag-exploited","tag-fixes","tag-samsung","tag-zeroday"],"_links":{"self":[{"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/posts\/6608","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=6608"}],"version-history":[{"count":1,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/posts\/6608\/revisions"}],"predecessor-version":[{"id":6609,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/posts\/6608\/revisions\/6609"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/media\/6610"}],"wp:attachment":[{"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=6608"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=6608"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=6608"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}<!-- This website is optimized by Airlift. Learn more: https://airlift.net. Template:. Learn more: https://airlift.net. Template: 69d9690a190636c2e0989534. Config Timestamp: 2026-04-10 21:18:02 UTC, Cached Timestamp: 2026-07-02 15:55:14 UTC -->