ByteOS Network

CVE Vulnerability Details :

CVE-2021-25371

PUBLISHED

More Info Official Page

Assigner-Samsung Mobile

Assigner Org ID-3af57064-a867-422c-b2ad-40307b65c458

View Known Exploited Vulnerability (KEV) details

Published At-26 Mar, 2021 | 18:24

Updated At-21 Oct, 2025 | 23:25

▼CVE Numbering Authority (CNA)

A vulnerability in DSP driver prior to SMR Mar-2021 Release 1 allows attackers load arbitrary ELF libraries inside DSP.

Affected Products

Vendor

Samsung Electronics

Product

Samsung Mobile Devices

Versions

Affected

From Q(10.0), R(11.0) devices with exynos980, exynos2100, exynos9830 before SMR Mar-2021 Release 1 (custom)

Problem Types

Type	CWE ID	Description
CWE	CWE-912	CWE-912: Hidden Functionality

Type: CWE

CWE ID: CWE-912

Description: CWE-912: Hidden Functionality

Metrics

Version	Base score	Base severity	Vector
3.1	6.1	MEDIUM	CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

Version: 3.1

Base score: 6.1

Base severity: MEDIUM

Vector:

CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

References

Hyperlink	Resource
https://security.samsungmobile.com/securityUpdate.smsb	x_refsource_CONFIRM
https://security.samsungmobile.com	x_refsource_MISC

Hyperlink: https://security.samsungmobile.com/securityUpdate.smsb

Resource:

x_refsource_CONFIRM

Hyperlink: https://security.samsungmobile.com

Resource:

x_refsource_MISC

▼Authorized Data Publishers (ADP)

1. CVE Program Container

References

Hyperlink	Resource
https://security.samsungmobile.com/securityUpdate.smsb	x_refsource_CONFIRM x_transferred
https://security.samsungmobile.com	x_refsource_MISC x_transferred

Hyperlink: https://security.samsungmobile.com/securityUpdate.smsb

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: https://security.samsungmobile.com

Resource:

x_refsource_MISC

x_transferred

2. CISA ADP Vulnrichment

Metrics Other Info

kev

dateAdded:

2023-06-29

reference:

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-25371

Timeline

Event	Date
CVE-2021-25371 added to CISA KEV	2023-06-29 00:00:00

Event: CVE-2021-25371 added to CISA KEV

Date: 2023-06-29 00:00:00

References

Hyperlink	Resource
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-25371	government-resource

Hyperlink: https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-25371

Resource:

government-resource

Affected Products

Affected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References