CVE-2021-25371
Published 2021-03-26
CVE-2021-25371: A vulnerability in DSP driver prior to SMR Mar-2021 Release 1 allows attackers to load arbitrary ELF libraries inside DSP.
Priority: P274 · medium · 6.7 (CVSS 3.1)
AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CISA Known Exploited Vulnerability (KEV), due 2023-07-20
Exploited in the wild
EPSS: 0.84% (53.3rd percentile)
A vulnerability in DSP driver prior to SMR Mar-2021 Release 1 allows attackers to load arbitrary ELF libraries inside DSP.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| samsung | android | — | — |
| samsung | android | — | — |
| samsung_mobile | samsung_mobile_devices | >= Q(10.0), R(11.0) devices with exynos980, exynos2100, exynos9830 < SMR Mar-2021 Release 1 | SMR Mar-2021 Release 1 |
Detection & IOCs (extracted from sources)
- Vulnerability resides in the DSP driver on Samsung Mobile Devices; monitor for attempts to load arbitrary ELF libraries into the DSP subsystem
- Target scope is Samsung Mobile Devices; prioritize detection on unpatched devices running DSP driver versions prior to SMR Mar-2021 Release 1
- Vulnerability details are described as 'unspecified' by CISA; no technical primitives, exploit code, or specific attack vectors are publicly documented in these sources, limiting detection specificity
- Patch reference is Samsung SMR Mar-2021 Release 1; devices not updated to or beyond this release should be considered vulnerable
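CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
| nvd | v2.0 | 7.2 | HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |
| vulncheck | — | 6.1 | MEDIUM | — |
| cisa | — | 6.7 | MEDIUM | — |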
GHSA
GHSA-4g27-v2fc-m8fv: A vulnerability in DSP driver prior to SMR Mar-2021 Release 1 allows attackers to load arbitrary ELF libraries inside DSP
ghsa_unreviewed · 2022-05-24
CVE-2021-25371 [HIGH] CWE-912 GHSA-4g27-v2fc-m8fv: A vulnerability in DSP driver prior to SMR Mar-2021 Release 1 allows attackers to load arbitrary ELF libraries inside DSP
A vulnerability in DSP driver prior to SMR Mar-2021 Release 1 allows attackers to load arbitrary ELF libraries inside DSP.
VulnCheck
Samsung Mobile Devices Unspecified Vulnerability
vulncheck·2021·CVSS 6.1
CVE-2021-25371 [MEDIUM] CWE-912 Samsung Mobile Devices Unspecified Vulnerability
Samsung Mobile Devices Unspecified Vulnerability
Samsung mobile devices contain an unspecified vulnerability within DSP driver that allows attackers to load ELF libraries inside DSP.
Affected: Samsung Mobile Devices
Required Action: Apply updates per vendor instructions or discontinue use of the product if updates are unavailable
Exploitation References: https://docs.google.com/spreadsheets/d/1lkNJ0uQwbeC1ZTRrxdtuPLCIl7mlUreoKfSIgajnSyY/edit; https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json
Remediation Due: 2023-07-20
CISA
Samsung Mobile Devices Unspecified Vulnerability
cisa·2023-06-29·CVSS 6.7
CVE-2021-25371 [MEDIUM] CWE-912 Samsung Mobile Devices Unspecified Vulnerability
Vulnerability: Samsung Mobile Devices Unspecified Vulnerability
Affected: Samsung Mobile Devices
Samsung mobile devices contain an unspecified vulnerability within DSP driver that allows attackers to load ELF libraries inside DSP.
Required Action: Apply updates per vendor instructions or discontinue use of the product if updates are unavailable
Notes: https://security.samsungmobile.com/securityUpdate.smsb?year=2021&month=3; https://nvd.nist.gov/vuln/detail/CVE-2021-25371
Remediation Due Date: 2023-07-20
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
- 2021-03-26: Published
- 2023-06-29: Added to CISA KEV
- Exploited in the wild