CVE-2021-25371

Published: Mar 26, 2021Modified: Oct 30, 2025CISA KEV

6.7

Vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Exploitability: 0.8 / Impact: 5.9

Source: NVD

Description

A vulnerability in DSP driver prior to SMR Mar-2021 Release 1 allows attackers load arbitrary ELF libraries inside DSP.

Affected (4)

Products: Samsung: Android

1 product

Configuration A

4 vulnerable · 3 platform

Vulnerable Software	Affected Versions
Samsung Android	Version 10.0 smr-feb-2021-r1
Samsung Android	Version 10.0 smr-jan-2021-r1
Samsung Android	Version 11.0 smr-feb-2021-r1
Samsung Android	Version 11.0 smr-jan-2021-r1

Running on/with	Platform Versions
Samsung Exynos 2100	All versions
Samsung Exynos 980	All versions
Samsung Exynos 9830	All versions

Related CWEs

Hidden Functionality

The product contains functionality that is not documented, not part of the specification, and not accessible through an interface or command sequence that is obvious to the product's users or administrators.

References (5)

https://security.samsungmobile.com

Source: mobile.security@samsung.com

Vendor Advisory

https://security.samsungmobile.com/securityUpdate.smsb

Source: mobile.security@samsung.com

Vendor Advisory

https://security.samsungmobile.com

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://security.samsungmobile.com/securityUpdate.smsb

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-25371

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

US Government Resource

Timeline

No history available yet.