CVE-2021-25489

3.3

CVSS
Low

PUBLISHED

Assuming radio permission is gained, missing input validation in modem interface driver prior to SMR Oct-2021 Release 1 results in format string...

Exploited in the wild Low complexity No user interaction

Vendor: Samsung Mobile
Product: Samsung Mobile Devices
Published: Oct 06, 2021
EPSS: —

Description

Assuming radio permission is gained, missing input validation in modem interface driver prior to SMR Oct-2021 Release 1 results in format string bug leading to kernel panic.

cisa

CVSS scores

CVSS v3.1 3.3 Low

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Exploitation status

Exploited in the wild

Recorded 2023-06-29 00:00:00 UTC · Source

SSVC decision points

Exploitation: active
Automatable: No
Technical impact: partial

References

https://security.samsungmobile.com/securityUpdate.smsb?year=2021&month=10

Known exploited vulnerability sources

Catalogues that list this CVE as a known exploited vulnerability.

Source	Added
CISA	Jun 29, 2023

Vulnerability detail