cbcvebase.
CVE-2021-25394
published 2021-06-11

CVE-2021-25394: A use after free vulnerability via race condition in MFC charger driver prior to SMR MAY-2021 Release 1 allows arbitrary write given a radio privilege is…

PriorityP277medium6.4CVSS 3.1
AVLACHPRHUINSUCHIHAH
KEVITW
CISA Known Exploited Vulnerabilitydue 2023-07-20
Exploited in the wild
EPSS
0.42%
33.8th percentile
A use after free vulnerability via race condition in MFC charger driver prior to SMR MAY-2021 Release 1 allows arbitrary write given a radio privilege is compromised.

Affected

5 ranges
VendorProductVersion rangeFixed in
samsungandroid
samsungandroid
samsungandroid
samsungandroid
samsung_mobilesamsung_mobile_devices>= O(8.x), P(9.0), Q(10.0), R(11.0) < SMR MAY-2021 Release 1SMR MAY-2021 Release 1

Detection & IOCsextracted from sources · hover to see the quote

  • Vulnerability resides in the MFC charger driver on Samsung Mobile Devices; monitor for exploitation attempts targeting this driver component in conjunction with a compromised radio privilege context
  • Exploitation requires radio privilege to be compromised first; correlate any radio subsystem privilege escalation events with subsequent arbitrary write activity as a chained attack indicator
  • ·Vulnerability is present only in Samsung Mobile Devices running software versions prior to SMR MAY-2021 Release 1; devices patched at or beyond this release are not affected

CVSS provenance

nvdv3.16.4MEDIUMCVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
nvdv2.04.4MEDIUMAV:L/AC:M/Au:N/C:P/I:P/A:P
vulncheck6.4MEDIUM
cisa6.4MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.