{"metadata": {"count": 1, "page": 1, "per_page": 100}, "data": [{"uuid": "c6034944-1b62-43b6-a14f-2a3adf4ec320", "vulnerability": {"vulnId": "CVE-2021-25370", "altId": []}, "gcve": {"origin_uuid": "405284c2-e461-4670-8979-7fd2c9755a60", "object_uuid": "c6034944-1b62-43b6-a14f-2a3adf4ec320"}, "status": {"exploited": true, "status_reason": "confirmed", "status_updated_at": "2022-11-08T00:00:00+00:00"}, "characteristics": {}, "timestamps": {"asserted_at": "2022-11-08T00:00:00Z", "recorded_at": "2026-02-02T13:24:01Z", "first_seen_at": "2022-11-08T00:00:00Z"}, "scope": {"notes": "KEV entry: Samsung Mobile Devices Memory Corruption Vulnerability | Affected: Samsung / Mobile Devices | Description: Samsung mobile devices using Mali GPU contain an incorrect implementation handling file descriptor in dpu driver. This incorrect implementation results in memory corruption, leading to kernel panic. This vulnerability was chained with CVE-2021-25337 and CVE-2021-25369. | Required action: Apply updates per vendor instructions. | Due date: 2022-11-29 | Known ransomware campaign use (KEV): Unknown | Notes (KEV): https://security.samsungmobile.com/securityUpdate.smsb; https://nvd.nist.gov/vuln/detail/CVE-2021-25370"}, "evidence": [{"type": "vendor_report", "source": "cisa-kev", "signal": "successful_exploitation", "confidence": 0.8, "details": {"cwes": ["CWE-416"], "feed": "CISA Known Exploited Vulnerabilities Catalog", "product": "Mobile Devices", "due_date": "2022-11-29", "date_added": "2022-11-08", "vendorProject": "Samsung", "vulnerabilityName": "Samsung Mobile Devices Memory Corruption Vulnerability", "knownRansomwareCampaignUse": "Unknown"}}], "references": [{"id": "CVE-2021-25370", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2021-25370"}]}]}