Samsung Mobile Devices Out-of-Bounds Read Vulnerability (CVE-2021-25487)
Samsung mobile devices contain an out-of-bounds read vulnerability within the modem interface driver due to a lack of boundary checking of a buffer in set_skb_priv(), leading to remote code execution by dereference of an invalid function pointer.
A local attacker, with a low-privilege account, can achieve full data confidentiality loss, partial data tampering. Federal agencies are required to remediate by 2023-07-20 under CISA BOD 22-01.
This is a Out-of-bounds Read (CWE-125) vulnerability in Samsung Mobile Devices. Lack of boundary checking of a buffer in set_skb_priv() of modem interface driver prior to SMR Oct-2021 Release 1 allows OOB read and it results in arbitrary code execution by dereference of invalid function pointer. Exploitation requires local access, low attack complexity, a low-privilege authenticated account, and no user interaction required.
Probably yes if any of these apply:
CISA added this CVE to the Known Exploited Vulnerabilities catalog on 2023-06-29 based on evidence of active exploitation in the wild. Federal agencies required to remediate by 2023-07-20.
Manual remediation steps
No tested PowerShell script for this entry yet. We’re prioritising automation based on user demand.