Samsung Zero-Day Vulnerability Actively Exploited to Execute Remote Code

Samsung has released its September 2025 security update, addressing a critical zero-day vulnerability that is being actively exploited in the wild.

The patch resolves a total of 25 Samsung Vulnerabilities and Exposures (SVEs), alongside fixes from Google and Samsung Semiconductor, to safeguard Galaxy devices against a range of security threats.

Users are strongly urged to install the update immediately to protect their devices from potential remote code execution attacks.

Samsung Patches Actively Exploited Zero-Day

The most severe flaw addressed in this update is tracked as CVE-2025-21043, a critical out-of-bounds write vulnerability in the libimagecodec.quram.so library. This vulnerability affects devices running Android versions 13, 14, 15, and 16.

A successful exploit could allow a remote attacker to execute arbitrary code on a vulnerable device, likely by tricking the user into processing a specially crafted image.

Samsung has confirmed that an exploit for this issue already exists, elevating the urgency for users to apply the patch.

The security teams at Meta and WhatsApp privately disclosed the vulnerability. The patch fixes the incorrect implementation that led to the flaw.

The September Security Maintenance Release (SMR) also includes patches for two other high-severity vulnerabilities. The first, CVE-2025-32100, was noted in the bulletin without specific details but is rated as high severity.

Another significant fix, identified as CVE-2025-21034, addresses an out-of-bounds write vulnerability in the libsavsvc.so library.

This flaw could allow a local attacker to execute arbitrary code, posing a serious risk if a malicious application is already present on the device.

The patch mitigates this threat by adding proper input validation to prevent memory corruption.

Fixes And Update Details

Beyond the critical and high-severity issues, the update resolves numerous moderate-severity vulnerabilities across various system components.

These include improper access control flaws in One UI Home (CVE-2025-21032) that could let a physical attacker bypass Kiosk mode, and a flaw in ContactProvider (CVE-2025-21033) allowing local attackers to access sensitive information.

Other patches address issues in the ImsService that could lead to call interruption or temporary SIM disabling. The security update, designated SMR Sep-2025 Release 1, will roll out to supported Galaxy smartphones and tablets in the coming weeks.

Users can check for the update by navigating to Settings > Software update > Download and install.
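
For a managed fleet, the same check can be scripted against `adb shell getprop` output. The following is an added example, not code from Samsung or from the original article; it assumes a build carrying the fix reports a security patch level of 2025-09-01 or later, and the sample outputs are constructed.

```python
import re
from datetime import date

# Assumption: a build carrying SMR Sep-2025 Release 1 reports a security
# patch level of 2025-09-01 or later. Confirm against Samsung's bulletin.
FIXED_LEVEL = date(2025, 9, 1)
AFFECTED_ANDROID = {13, 14, 15, 16}  # versions the article lists for CVE-2025-21043
PROP_LINE = re.compile(r"^\[([^\]]+)\]:\s*\[(.*)\]$")

def parse_getprop(text):
    """Parse `adb shell getprop` output, one "[key]: [value]" pair per line."""
    props = {}
    for line in text.splitlines():
        m = PROP_LINE.match(line.strip())
        if m:
            props[m.group(1)] = m.group(2)
    return props

def assess(text):
    """Classify one device: not-listed, needs-update, at-fixed-level or unknown."""
    props = parse_getprop(text)
    maker = props.get("ro.product.manufacturer", "")
    release = re.match(r"\d+", props.get("ro.build.version.release", ""))
    if not maker or not release:
        return "unknown"  # incomplete data: do not assume the device is safe
    if maker.lower() != "samsung" or int(release.group()) not in AFFECTED_ANDROID:
        return "not-listed"
    try:
        level = date.fromisoformat(props.get("ro.build.version.security_patch", ""))
    except ValueError:
        return "unknown"  # missing or malformed patch level
    return "at-fixed-level" if level >= FIXED_LEVEL else "needs-update"

# Constructed sample outputs (not captured from real devices).
UNPATCHED = """[ro.product.manufacturer]: [samsung]
[ro.build.version.release]: [15]
[ro.build.version.security_patch]: [2025-08-01]"""
PATCHED = UNPATCHED.replace("2025-08-01", "2025-09-01")
NO_LEVEL = """[ro.product.manufacturer]: [samsung]
[ro.build.version.release]: [14]"""

if __name__ == "__main__":
    for name, sample in [("unpatched", UNPATCHED), ("patched", PATCHED), ("no level", NO_LEVEL)]:
        print(f"{name}: {assess(sample)}")
```

Devices reported as `unknown` should be treated as unverified and checked by hand rather than counted as patched.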
