Samsung has issued security updates addressing a zero-day vulnerability (CVE-2025-21043) in Android that has been exploited in the wild. The flaw involves an out-of-bounds write in the libimagecodec.quram.so library, affecting multiple Android versions. #CVE202521043 #Quramsoft
Keypoints
- Samsung released monthly security updates to fix a critical zero-day vulnerability in Android.
- The vulnerability CVE-2025-21043 allows remote code execution via an out-of-bounds write.
- The flaw impacts Android versions 13 through 16 and was exploited in active attacks.
- The affected library, libimagecodec.quram.so, is a closed-source image parsing component by Quramsoft.
- Samsung did not disclose details of the ongoing attacks or threat actors behind them.
Read More: https://thehackernews.com/2025/09/samsung-fixes-critical-zero-day-cve.html