Redazione RHC: 13 September 2025 10:16
Samsung has released its September 2025 security update, which fixes a critical zero-day vulnerability that is currently being actively exploited. The release bundles fixes for 25 Samsung Vulnerabilities and Exposures (SVEs) with the patches contributed by Google and Samsung Semiconductor, with the aim of hardening Galaxy devices against a range of threats.
The most severe issue addressed is CVE-2025-21043, a critical out-of-bounds write vulnerability in the libimagecodec.quram.so library, an image-decoding component. The flaw affects Galaxy devices running Android 13, 14, 15 and 16. Because it can lead to remote code execution, users are strongly advised to install the update immediately.
A remote attacker who successfully exploits the flaw can execute code of their choice on a vulnerable device, most likely by convincing the user to open a specially crafted image: the bug sits in the code that parses untrusted image data, so no prior foothold on the device is required. Samsung has confirmed that an exploit for this issue already exists, which makes applying the patch all the more urgent.
The vulnerability was reported privately to Samsung by the Meta and WhatsApp security teams. Samsung's patch corrects the incorrect implementation that led to the flaw.
The September Security Maintenance Release (SMR) also includes patches for two further vulnerabilities rated high severity. One of them, CVE-2025-32100, is classified as high severity but is not described in detail in the bulletin.
Another significant fix, CVE-2025-21034, addresses an out-of-bounds write vulnerability in the libsavsvc.so library. This flaw could allow a local attacker to execute arbitrary code, which is a serious risk once a malicious application is already running on the device. The patch mitigates the threat by adding proper input validation to prevent the memory corruption.
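To make concrete what "out-of-bounds write, fixed by input validation" means for a decoder like the ones patched in CVE-2025-21043 and CVE-2025-21034, here is an added C example. It was constructed for this article and is not Samsung's code; the actual bugs have not been published, and the TIMG file format, the MAX_DIM bound and all function names are assumptions. The vulnerable decoder trusts the width and height stored in the file header, so a crafted header makes it write past the caller's canvas; the hardened version adds the checks the bulletin describes before copying anything. A guard region placed after the canvas makes the overflow countable instead of a crash:

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed toy image format used only for this example (not Samsung's codec;
 * the real libimagecodec.quram.so / libsavsvc.so bugs have not been published):
 *   bytes 0..3  magic "TIMG"
 *   bytes 4..5  width  (little-endian uint16)
 *   bytes 6..7  height (little-endian uint16)
 *   bytes 8..   width*height pixel bytes
 */
#define HDR_LEN    8
#define MAX_DIM    4096    /* hypothetical sanity bound on each dimension */
#define GUARD_LEN  65536   /* slack after the canvas so an overflow is observable, not UB */
#define GUARD_FILL 0xAA

enum { DEC_BAD_MAGIC = -1, DEC_BAD_DIM = -2, DEC_TOO_LARGE = -3, DEC_TRUNCATED = -4 };

static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }

/* Vulnerable decoder: trusts the header-supplied dimensions and copies
 * width*height bytes into the caller's canvas without checking either the
 * canvas size or how many bytes the input really holds.  A crafted header
 * with large dimensions therefore writes past the end of the canvas.
 * Returns bytes written, or DEC_BAD_MAGIC. */
long decode_vulnerable(const uint8_t *in, size_t in_len,
                       uint8_t *canvas, size_t canvas_len)
{
    (void)canvas_len;                       /* never consulted: this is the bug */
    if (in_len < HDR_LEN || memcmp(in, "TIMG", 4) != 0) return DEC_BAD_MAGIC;
    size_t n = (size_t)rd16(in + 4) * rd16(in + 6);
    memcpy(canvas, in + HDR_LEN, n);        /* out-of-bounds write when n > canvas_len */
    return (long)n;
}

/* Hardened decoder: same logic plus the input validation the bulletin names
 * as the fix: bound each dimension, check the destination size, and check
 * that the input actually contains the pixel data, all before copying. */
long decode_hardened(const uint8_t *in, size_t in_len,
                     uint8_t *canvas, size_t canvas_len)
{
    if (in_len < HDR_LEN || memcmp(in, "TIMG", 4) != 0) return DEC_BAD_MAGIC;
    size_t w = rd16(in + 4), h = rd16(in + 6);
    if (w == 0 || h == 0 || w > MAX_DIM || h > MAX_DIM) return DEC_BAD_DIM;
    size_t n = w * h;                       /* cannot overflow: both factors <= MAX_DIM */
    if (n > canvas_len) return DEC_TOO_LARGE;
    if (in_len - HDR_LEN < n) return DEC_TRUNCATED;
    memcpy(canvas, in + HDR_LEN, n);
    return (long)n;
}

/* Build a well-formed TIMG file with w*h pixel bytes into out (HDR_LEN + w*h bytes). */
size_t make_image(uint16_t w, uint16_t h, uint8_t *out)
{
    size_t n = (size_t)w * h;
    memcpy(out, "TIMG", 4);
    out[4] = (uint8_t)(w & 0xff); out[5] = (uint8_t)(w >> 8);
    out[6] = (uint8_t)(h & 0xff); out[7] = (uint8_t)(h >> 8);
    memset(out + HDR_LEN, 0x5A, n);         /* pixel payload: constant fill */
    return HDR_LEN + n;
}

typedef long (*decoder_fn)(const uint8_t *, size_t, uint8_t *, size_t);
typedef struct { long rc; size_t guard_clobbered; } run_result_t;

/* Run a decoder on a w x h image against a canvas declared as canvas_len bytes
 * but actually backed by canvas_len + GUARD_LEN bytes, and count how many
 * guard bytes the decoder overwrote.  Keep w*h <= canvas_len + GUARD_LEN so
 * the vulnerable decoder's overflow stays inside the allocation. */
run_result_t run_decoder(decoder_fn dec, uint16_t w, uint16_t h, size_t canvas_len)
{
    run_result_t r = { -99, 0 };
    size_t img_len = HDR_LEN + (size_t)w * h;
    uint8_t *img = malloc(img_len);
    uint8_t *canvas = malloc(canvas_len + GUARD_LEN);
    if (!img || !canvas) { free(img); free(canvas); return r; }
    make_image(w, h, img);
    memset(canvas, 0, canvas_len);
    memset(canvas + canvas_len, GUARD_FILL, GUARD_LEN);
    r.rc = dec(img, img_len, canvas, canvas_len);
    for (size_t i = 0; i < GUARD_LEN; i++)
        if (canvas[canvas_len + i] != GUARD_FILL) r.guard_clobbered++;
    free(img);
    free(canvas);
    return r;
}

int main(void)
{
    /* Crafted 100x100 header (10000 pixels) aimed at a 4096-byte canvas. */
    run_result_t v  = run_decoder(decode_vulnerable, 100, 100, 4096);
    run_result_t h  = run_decoder(decode_hardened,   100, 100, 4096);
    run_result_t ok = run_decoder(decode_hardened,    50,  50, 4096);
    printf("vulnerable: rc=%ld, guard bytes clobbered=%zu\n", v.rc, v.guard_clobbered);
    printf("hardened:   rc=%ld, guard bytes clobbered=%zu\n", h.rc, h.guard_clobbered);
    printf("hardened, legitimate 50x50: rc=%ld\n", ok.rc);
    return 0;
}
```

Build with any C compiler (for example `cc -Wall example.c`). The vulnerable decoder reports 10000 bytes written and leaves 5904 guard bytes clobbered, which in a real process would be heap metadata or a neighbouring object; the hardened one rejects the same input with DEC_TOO_LARGE and touches nothing. A production codec has many more header fields of this kind (strides, palette sizes, chunk lengths), and every one of them is an attacker-controlled length that needs the same bounds check before it is used to size a copy.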
Beyond the critical and high-severity issues, the update also covers a range of moderate-severity vulnerabilities in various system components. An improper access control flaw in One UI Home (CVE-2025-21032) could allow an attacker with physical access to bypass Kiosk mode, and a flaw in ContactProvider (CVE-2025-21033) could allow a local attacker to obtain sensitive information.
Other patches address issues in ImsService that could cause calls to drop or the SIM to be temporarily disabled. The update, titled SMR Sep-2025 Release 1, will be rolled out to supported Galaxy smartphones and tablets in the coming weeks; once it is installed, the Android security patch level shown under Software information in Settings should read September 2025 or later.