Vulnerability Management, Patch/Configuration Management, Endpoint/Device Security, Application security

Samsung patches actively exploited zero-day Android flaw

Illuminated red sign for Samsung Galaxy

Samsung patched a high-severity 8.8 zero-day Android flaw that it said was exploited in the wild.

Made as part of Samsung’s monthly patches, the fix for CVE-2025-21043 involved an out-of-bounds write that, when exploited, results in an arbitrary code execution. It was privately reported to Samsung on Aug. 13.

Samsung said the patch fixed an incorrect implementation of libimagecodec.quram, a closed-source image parsing library from Quramsoft that implements support for various image formats.

Noelle Murata, senior security engineer at Xcape Inc., said patching is urgent for all impacted Android 13+ devices because the Samsung zero-day has already been exploited in the wild. Murata said teams should use mobile security platforms or MDM to distribute the update, check for compliance, and keep an eye out for signs of compromise related to CVE-2025-21043.

“In addition to patching, it's critical to reinforce mobile threat detection and make sure staff members understand not to postpone updates,” said Murata. “History demonstrates that mobile zero-days frequently spread swiftly after going public, even if an exploit appears targeted at the moment.”

Brian Thornton, senior sales engineer at Zimperium, said zero-day exploits targeting popular apps and OEM libraries show just how fast attackers are shifting to mobile as their way in. In this case, Thornton said a closed-source image library created a broad risk across Samsung devices and the apps that depend on it.

“Security teams should make sure employees update their Samsung devices right away and tighten up mobile defense plans,” said Thornton. “Traditional endpoint tools can’t see these kinds of mobile exploits— dedicated mobile security is key to detecting and defending zero-days in real time.”

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds