CVE-2021-25395
published 2021-06-11

CVE-2021-25395: A race condition in MFC charger driver prior to SMR MAY-2021 Release 1 allows local attackers to bypass signature check given a radio privilege is compromised.

Priority: P275, medium, 6.4 (CVSS 3.1)
Vector: AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
KEV: CISA Known Exploited Vulnerability, due 2023-07-20
ITW: Exploited in the wild
EPSS: 0.39% (30.3th percentile)

Affected

5 ranges

| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| samsung | android | | |
| samsung | android | | |
| samsung | android | | |
| samsung | android | | |
| samsung_mobile | samsung_mobile_devices | >= O(8.x), P(9.0), Q(10.0), R(11.0) < SMR MAY-2021 Release 1 | SMR MAY-2021 Release 1 |

Detection & IOCs (extracted from sources)

  • The affected component is the MFC charger driver in Samsung Mobile Devices; exploitation requires winning a race condition within this driver, resulting in a use-after-free primitive that enables an arbitrary write
  • Exploitation requires the attacker to already hold radio privilege (local privilege escalation chain); monitor for unexpected processes or code executing under the radio UID/privilege context on Samsung devices
  • Vulnerability is present only in Samsung Mobile Devices running software prior to SMR MAY-2021 Release 1; patched devices are not affected
  • Exploitation is constrained to local attackers who have already compromised radio privilege; this is not a remote code execution vector on its own

CVSS provenance

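| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 6.4 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H |
| nvd | v2.0 | 4.4 | MEDIUM | AV:L/AC:M/Au:N/C:P/I:P/A:P |
| vulncheck | | 6.4 | MEDIUM | |
| cisa | | 6.4 | MEDIUM | |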