CVE-2021-25489
Published 2021-10-06
CVE-2021-25489: Assuming radio permission is gained, missing input validation in modem interface driver prior to SMR Oct-2021 Release 1 results in format string bug leading to…
Priority P2 79 · medium 5.5 · CVSS 3.1
AV:L / AC:L / PR:L / UI:N / S:U / C:N / I:N / A:H
KEV: CISA Known Exploited Vulnerability, due 2023-07-20
ITW: Exploited in the wild
EPSS: 0.52% (40.1th percentile)
Assuming radio permission is gained, missing input validation in modem interface driver prior to SMR Oct-2021 Release 1 results in format string bug leading to kernel panic.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| samsung | android | — | — |
| samsung | android | — | — |
| samsung | android | — | — |
| samsung | android | — | — |
| samsung_mobile | samsung_mobile_devices | >= O(8.1), P(9.0), Q(10.0), R(11.0) < SMR Oct-2021 Release 1 | SMR Oct-2021 Release 1 |
Detection & IOCs
- Vulnerability is exploitable only after radio permission is gained; monitor for processes or apps acquiring radio-level permissions on Samsung devices as a precursor indicator
- Target attack surface is the modem interface driver on Samsung Mobile Devices; monitor for unexpected kernel panics or crashes originating from the modem interface driver layer
- Vulnerability affects Samsung Mobile Devices on firmware prior to SMR Oct-2021 Release 1; devices patched at or after this release are not affected
- Exploitation requires radio permission as a prerequisite; the vulnerability is not directly reachable from unprivileged context
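CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
| nvd | v2.0 | 4.9 | MEDIUM | AV:L/AC:L/Au:N/C:N/I:N/A:C |
| vulncheck | — | 3.3 | LOW | — |
| cisa | — | 5.5 | MEDIUM | — |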
CISA
Samsung Mobile Devices Improper Input Validation Vulnerability
cisa·2023-06-29·CVSS 5.5
CVE-2021-25489 [MEDIUM] CWE-20 Samsung Mobile Devices Improper Input Validation Vulnerability
Vulnerability: Samsung Mobile Devices Improper Input Validation Vulnerability
Affected: Samsung Mobile Devices
Samsung mobile devices contain an improper input validation vulnerability within the modem interface driver that results in a format string bug leading to kernel panic.
Required Action: Apply updates per vendor instructions or discontinue use of the product if updates are unavailable
Notes: https://security.samsungmobile.com/securityUpdate.smsb?year=2021&month=10; https://nvd.nist.gov/vuln/detail/CVE-2021-25489
Remediation Due Date: 2023-07-20
GHSA
GHSA-hmpv-pvg5-4fpq: Assuming radio permission is gained, missing input validation in modem interface driver prior to SMR Oct-2021 Release 1 results in format string bug l
ghsa_unreviewed·2022-05-24
CVE-2021-25489 [MEDIUM] CWE-134 GHSA-hmpv-pvg5-4fpq: Assuming radio permission is gained, missing input validation in modem interface driver prior to SMR Oct-2021 Release 1 results in format string bug l
Assuming radio permission is gained, missing input validation in modem interface driver prior to SMR Oct-2021 Release 1 results in format string bug leading to kernel panic.
VulnCheck
Samsung Mobile Devices Improper Input Validation Vulnerability
vulncheck·2021·CVSS 3.3
CVE-2021-25489 [LOW] CWE-20 Samsung Mobile Devices Improper Input Validation Vulnerability
Samsung Mobile Devices Improper Input Validation Vulnerability
Samsung mobile devices contain an improper input validation vulnerability within the modem interface driver that results in a format string bug leading to kernel panic.
Affected: Samsung Mobile Devices
Required Action: Apply updates per vendor instructions or discontinue use of the product if updates are unavailable
Exploitation References: https://docs.google.com/spreadsheets/d/1lkNJ0uQwbeC1ZTRrxdtuPLCIl7mlUreoKfSIgajnSyY/edit; https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json
Remediation Due: 2023-07-20
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2021-10-06: Published
2023-06-29: Added to CISA KEV
Exploited in the wild