CVE-2021-25371
published 2021-03-26

CVE-2021-25371: A vulnerability in the DSP driver prior to SMR Mar-2021 Release 1 allows attackers to load arbitrary ELF libraries inside the DSP.

Priority: P2 74
Severity: medium, 6.7 (CVSS 3.1)
Vector: AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
KEV: CISA Known Exploited Vulnerability, due 2023-07-20
ITW: Exploited in the wild
EPSS: 0.84% (53.3th percentile)

Affected

3 ranges

Vendor | Product | Version range | Fixed in
samsung | android | |
samsung | android | |
samsung_mobile | samsung_mobile_devices | >= Q(10.0), R(11.0) devices with exynos980, exynos2100, exynos9830 < SMR Mar-2021 Release 1 | SMR Mar-2021 Release 1

Detection & IOCs (extracted from sources)

  • Vulnerability resides in the DSP driver on Samsung Mobile Devices; monitor for attempts to load arbitrary ELF libraries into the DSP subsystem
  • Target scope is Samsung Mobile Devices; prioritize detection on unpatched devices running DSP driver versions prior to SMR Mar-2021 Release 1
  • Vulnerability details are described as 'unspecified' by CISA; no technical primitives, exploit code, or specific attack vectors are publicly documented in these sources, limiting detection specificity
  • Patch reference is Samsung SMR Mar-2021 Release 1; devices not updated to or beyond this release should be considered vulnerable

CVSS provenance

Source | Version | Score | Severity | Vector
nvd | v3.1 | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
nvd | v2.0 | 7.2 | HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C
vulncheck | | 6.1 | MEDIUM |
cisa | | 6.7 | MEDIUM |