Samsung has released its monthly security updates for Android, including a fix for a security vulnerability that it said has been exploited in zero-day attacks.
The vulnerability, CVE-2025-21043 (CVSS score: 8.8), concerns an out-of-bounds write that could result in arbitrary code execution.
“Out-of-bounds Write in libimagecodec.quram.so prior to SMR Sep-2025 Release 1 allows remote attackers to execute arbitrary code,” Samsung said in an advisory. “The patch fixed the incorrect implementation.”
According to a 2020 report from Google Project Zero, libimagecodec.quram.so is a closed-source image parsing library developed by Quramsoft that implements support for various image formats.
The critical-rated issue, per the South Korean electronics giant, affects Android versions 13, 14, 15, and 16. The vulnerability was privately disclosed to the company on August 13, 2025.
Samsung did not share any specifics on how the vulnerability is being exploited in attacks and who may be behind these efforts. However, it acknowledged that “an exploit for this issue has existed in the wild.”
The development comes shortly after Google said it resolved two security flaws in Android (CVE-2025-38352 and CVE-2025-48543) that it said have been exploited in targeted attacks.
Source link
Disclaimer
We strive to uphold the highest ethical standards in all of our reporting and coverage. We blogs.grocliq.com want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.
Website Upgradation is going on for any glitch kindly connect at [email protected]
