Redazione RHC : 13 September 2025 10:16
A September 2025 security update has been released by Samsung to address a critical zero-day vulnerability that is currently being actively exploited. This patch includes fixes for a total of 25 Samsung-specific vulnerabilities and exposures (SVEs), along with those implemented by Google and Samsung Semiconductor, aiming to strengthen the security of Galaxy devices against various threats.
The most severe issue addressed in this update is CVE-2025-21043, a critical out-of-bounds write vulnerability in the libimagecodec.quram.so library. Galaxy devices running Android 13, 14, 15, and 16 are affected. Users are strongly advised to install the update immediately to protect their devices from potential remote code execution attacks.
A remote attacker could, with a successful exploit, execute code of their choice on a susceptible device, most likely by convincing the user to open a specially crafted image. Samsung has confirmed that an exploit for this issue already exists, making it even more urgent for users to apply the patch.
The vulnerability was disclosed privately by the Meta and WhatsApp security teams.
A patch has been released to correct the incorrect implementation that led to the flaw.
In addition, the September Security Maintenance Release (SMR) includes patches for two other vulnerabilities considered high severity. Among these, CVE-2025-32100, although not specifically detailed in the bulletin, is also classified as high severity.
Another significant fix, identified as CVE-2025-21034, addresses an out-of-bounds write vulnerability in the libsavsvc.so library. This flaw could allow a local attacker to execute arbitrary code, posing a serious risk if a malicious application is already present on the device. The patch mitigates this threat by adding proper input validation to prevent memory corruption.
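Both of the out-of-bounds write flaws above are described as being fixed by validating input before it drives a memory write. The toy decoder below is an added illustration of that fix pattern; it is not Samsung's code and does not reproduce the actual defects in libimagecodec.quram.so or libsavsvc.so. The image format (a 2-byte width, a 2-byte height, then one byte per pixel), the buffer limits and every function name are constructed for this example. It keeps the unchecked version only for contrast and never executes it.

```c
/* Added example, not Samsung's code: a toy image decoder showing the
 * bounds checks that turn an out-of-bounds write into a clean rejection.
 * Format, limits and names are constructed for illustration only. */
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define MAX_W 256
#define MAX_H 256
#define PIXBUF_SIZE (MAX_W * MAX_H)   /* fixed 64 KiB output buffer */

enum decode_status { DECODE_OK = 0, DECODE_TRUNCATED, DECODE_BAD_DIMS, DECODE_TOO_LARGE };

/* Toy header: little-endian uint16 width, little-endian uint16 height,
 * followed by width*height single-byte pixels. */
static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }

/* UNCHECKED variant, shown only for contrast and never called: the copy
 * length comes straight from the untrusted header, so dimensions larger
 * than the buffer write past the end of pixbuf (an out-of-bounds write). */
static void decode_image_unchecked(const uint8_t *data, uint8_t *pixbuf)
{
    size_t npix = (size_t)rd16(data) * rd16(data + 2);
    memcpy(pixbuf, data + 4, npix);
}

/* Hardened variant: every quantity taken from the input is validated
 * against the real buffer sizes before any write happens. */
int decode_image_safe(const uint8_t *data, size_t len,
                      uint8_t *pixbuf, size_t pixbuf_len,
                      uint16_t *out_w, uint16_t *out_h)
{
    if (len < 4)                                  /* header must be complete */
        return DECODE_TRUNCATED;
    uint16_t w = rd16(data), h = rd16(data + 2);
    if (w == 0 || h == 0 || w > MAX_W || h > MAX_H) /* reject absurd dimensions */
        return DECODE_BAD_DIMS;
    size_t npix = (size_t)w * h;                  /* <= 65536, cannot overflow */
    if (npix > pixbuf_len)                        /* output buffer too small */
        return DECODE_TOO_LARGE;
    if (len - 4 < npix)                           /* payload shorter than claimed */
        return DECODE_TRUNCATED;
    memcpy(pixbuf, data + 4, npix);               /* now provably in bounds */
    *out_w = w;
    *out_h = h;
    return DECODE_OK;
}

/* Constructed inputs exercising the three paths; each returns the status. */
int demo_valid(void)
{
    static const uint8_t img[] = { 2, 0, 2, 0, 10, 20, 30, 40 }; /* 2x2 image */
    uint8_t pix[PIXBUF_SIZE]; uint16_t w, h;
    int st = decode_image_safe(img, sizeof img, pix, sizeof pix, &w, &h);
    return (st == DECODE_OK && w == 2 && h == 2 && pix[3] == 40) ? DECODE_OK : -1;
}

int demo_oversized(void)
{
    static const uint8_t img[] = { 0xFF, 0xFF, 0xFF, 0xFF, 0, 0, 0, 0 }; /* 65535x65535 */
    uint8_t pix[PIXBUF_SIZE]; uint16_t w, h;
    return decode_image_safe(img, sizeof img, pix, sizeof pix, &w, &h);
}

int demo_truncated(void)
{
    static const uint8_t img[] = { 4, 0, 4, 0, 1, 2 }; /* claims 16 pixels, has 2 */
    uint8_t pix[PIXBUF_SIZE]; uint16_t w, h;
    return decode_image_safe(img, sizeof img, pix, sizeof pix, &w, &h);
}

int main(void)
{
    (void)decode_image_unchecked; /* referenced only to silence unused warnings */
    printf("valid=%d oversized=%d truncated=%d\n",
           demo_valid(), demo_oversized(), demo_truncated());
    return 0;
}
```

The point of the hardened path is that each check is tied to a concrete limit the decoder actually has (header length, maximum dimensions, output buffer size, payload length), so a crafted header can at worst produce an error code rather than a write outside the buffer.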
The update addresses not only critical and high-severity issues, but also a wide range of moderate-severity vulnerabilities in various system components. Specifically, an improper access control flaw in One UI Home (CVE-2025-21032) could allow an attacker with physical access to bypass Kiosk mode. Additionally, a flaw in ContactProvider (CVE-2025-21033) could allow local attackers to obtain sensitive information.
Other patches address issues in ImsService that could cause calls to drop or the SIM to be temporarily disabled. The security update, titled SMR Sep-2025 Release 1, will be rolled out to supported Galaxy smartphones and tablets in the coming weeks.