Samsung has patched a remote code execution vulnerability that was exploited in zero-day attacks targeting its Android devices. Tracked as CVE-2025-21043, this critical security flaw affects Samsung devices running Android 13 or later and was reported by the security teams of Meta and WhatsApp on August 13. As Samsung explains in a recently updated advisory, this vulnerability was discovered in libimagecodec.quram.so (a closed-source image parsing library developed by Quramsoft that implements support for various image formats) and is caused by an out-of-bounds write weakness that allows attackers to execute malicious code on vulnerable devices remotely. Out-of-bounds Write in libimagecodec.quram.so prior to SMR Sep-2025 Release 1 allows remote attackers to execute arbitrary code, Samsung says. Samsung was notified that an exploit for this issue has existed in the wild. While Samsung didn’t specify whether the attacks targeted only WhatsApp users with Samsung Android devices, other instant messengers that utilize the vulnerable image parsing library could also be potentially targeted using CVE-2025-21043 exploits. As part of our proactive investigation into a highly targeted exploit over the summer (which resulted in our security advisory for iOS/MacOS WhatsApp users), we shared our findings with our industry peers, including Apple and Samsung, a Meta spokesperson told BleepingComputer. Apple mitigated the relevant high-severity vulnerability (CVE-2025-43300) last month. Samsung also issued a patch for SVE-2025-1702 and published their security advisory this week.
Contact us : 0915579536
Or on the website digitalonion.ly
Visit us at our company address: Tripoli – Andalus Street – Next to the Iraqi Embassy.
Leave a Reply