Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-54602 (GCVE-0-2025-54602)
Vulnerability from cvelistv5 – Published: 2026-04-06 00:00 – Updated: 2026-04-06 19:52
VLAI
EPSS
Summary
An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, 1580, W920, W930, and W1000. Improper synchronization on a global variable leads to a use-after-free. An attacker can trigger a race condition by invoking an ioctl function concurrently from multiple threads.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- n/a
- CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-54602",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-06T19:51:02.536286Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-362",
"description": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-06T19:52:21.651Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, 1580, W920, W930, and W1000. Improper synchronization on a global variable leads to a use-after-free. An attacker can trigger a race condition by invoking an ioctl function concurrently from multiple threads."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-06T19:01:15.838Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/"
},
{
"url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-54602/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-54602",
"datePublished": "2026-04-06T00:00:00.000Z",
"dateReserved": "2025-07-27T00:00:00.000Z",
"dateUpdated": "2026-04-06T19:52:21.651Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2025-54602",
"date": "2026-06-16",
"epss": "0.00086",
"percentile": "0.00429"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2025-54602\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2026-04-06T20:16:20.620\",\"lastModified\":\"2026-04-07T16:01:19.713\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, 1580, W920, W930, and W1000. Improper synchronization on a global variable leads to a use-after-free. An attacker can trigger a race condition by invoking an ioctl function concurrently from multiple threads.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.0,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.0,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-362\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:exynos_980_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F18F62E-2012-442E-BE60-6E76325D1824\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:samsung:exynos_980:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D8701B6-6989-44D1-873A-A1823BFD7CCC\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:exynos_850_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1928760C-4FC4-45B0-84FF-C1105CD1DD2A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:samsung:exynos_850:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB410A6D-642B-49AE-8B1C-EADA953A84DA\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:exynos_1080_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"43DE4D6F-D662-46F2-93BC-9AE950320BDE\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:samsung:exynos_1080:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE06CD56-8BFD-4208-843A-179E3E6F5C10\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:exynos_1280_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD1A7B09-9031-4E54-A24F-3237C054166B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:samsung:exynos_1280:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DFC68046-2F08-40D1-B158-89D8D9263541\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:exynos_1330_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2635646-DD6A-4735-8E01-F45445584832\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:samsung:exynos_1330:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AA0F8A58-71B7-4503-A03A-6FB4282D75BD\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:exynos_1380_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D381478B-C638-4663-BD71-144BE4B02E46\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:samsung:exynos_1380:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"61E72146-72FE-4B54-AB79-3C665E7F016C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:exynos_1480_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"64897B0D-EBF6-4BEB-BF54-ABCDBFAB45E0\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:samsung:exynos_1480:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3F328B4-0442-4748-B5EE-DD1CEE50D6CF\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:exynos_1580_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3594664-3CE6-4827-ABD4-B5719817F5D5\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:samsung:exynos_1580:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"93C1F9E8-DA04-4466-AF66-01560A07BD98\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:exynos_w1000_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"526A0088-BDA7-4373-8966-AEED69C1AE8A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:samsung:exynos_w1000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A9657C28-AA6B-4C1A-ACAA-E90645CF2A73\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:exynos_w920_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B6ADED27-EDAF-4FB3-8CB2-AE5F59B93641\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:samsung:exynos_w920:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4BF79654-E5C6-4DFF-B33A-A78571CD300C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:exynos_w930_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"801E188F-C71B-4933-9099-151A4A1B1BC5\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:samsung:exynos_w930:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8D8FC82D-57C5-4F00-BDF4-4261A32C4246\"}]}]}],\"references\":[{\"url\":\"https://semiconductor.samsung.com/support/quality-support/product-security-updates/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-54602/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-54602\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-04-06T19:51:02.536286Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-362\", \"description\": \"CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-04-06T19:49:43.595Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"references\": [{\"url\": \"https://semiconductor.samsung.com/support/quality-support/product-security-updates/\"}, {\"url\": \"https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-54602/\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, 1580, W920, W930, and W1000. Improper synchronization on a global variable leads to a use-after-free. An attacker can trigger a race condition by invoking an ioctl function concurrently from multiple threads.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2026-04-06T19:01:15.838Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-54602\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-04-06T19:52:21.651Z\", \"dateReserved\": \"2025-07-27T00:00:00.000Z\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2026-04-06T00:00:00.000Z\", \"assignerShortName\": \"mitre\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
FKIE_CVE-2025-54602
Vulnerability from fkie_nvd - Published: 2026-04-06 20:16 - Updated: 2026-04-07 16:01
Severity
Summary
An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, 1580, W920, W930, and W1000. Improper synchronization on a global variable leads to a use-after-free. An attacker can trigger a race condition by invoking an ioctl function concurrently from multiple threads.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:samsung:exynos_980_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F18F62E-2012-442E-BE60-6E76325D1824",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:samsung:exynos_980:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D8701B6-6989-44D1-873A-A1823BFD7CCC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:samsung:exynos_850_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1928760C-4FC4-45B0-84FF-C1105CD1DD2A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:samsung:exynos_850:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB410A6D-642B-49AE-8B1C-EADA953A84DA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:samsung:exynos_1080_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43DE4D6F-D662-46F2-93BC-9AE950320BDE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:samsung:exynos_1080:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE06CD56-8BFD-4208-843A-179E3E6F5C10",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:samsung:exynos_1280_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD1A7B09-9031-4E54-A24F-3237C054166B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:samsung:exynos_1280:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFC68046-2F08-40D1-B158-89D8D9263541",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:samsung:exynos_1330_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C2635646-DD6A-4735-8E01-F45445584832",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:samsung:exynos_1330:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA0F8A58-71B7-4503-A03A-6FB4282D75BD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:samsung:exynos_1380_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D381478B-C638-4663-BD71-144BE4B02E46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:samsung:exynos_1380:-:*:*:*:*:*:*:*",
"matchCriteriaId": "61E72146-72FE-4B54-AB79-3C665E7F016C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:samsung:exynos_1480_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64897B0D-EBF6-4BEB-BF54-ABCDBFAB45E0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:samsung:exynos_1480:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3F328B4-0442-4748-B5EE-DD1CEE50D6CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:samsung:exynos_1580_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3594664-3CE6-4827-ABD4-B5719817F5D5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:samsung:exynos_1580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93C1F9E8-DA04-4466-AF66-01560A07BD98",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:samsung:exynos_w1000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "526A0088-BDA7-4373-8966-AEED69C1AE8A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:samsung:exynos_w1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9657C28-AA6B-4C1A-ACAA-E90645CF2A73",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:samsung:exynos_w920_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B6ADED27-EDAF-4FB3-8CB2-AE5F59B93641",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:samsung:exynos_w920:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4BF79654-E5C6-4DFF-B33A-A78571CD300C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:samsung:exynos_w930_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "801E188F-C71B-4933-9099-151A4A1B1BC5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:samsung:exynos_w930:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D8FC82D-57C5-4F00-BDF4-4261A32C4246",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, 1580, W920, W930, and W1000. Improper synchronization on a global variable leads to a use-after-free. An attacker can trigger a race condition by invoking an ioctl function concurrently from multiple threads."
}
],
"id": "CVE-2025-54602",
"lastModified": "2026-04-07T16:01:19.713",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2026-04-06T20:16:20.620",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-54602/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-362"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
GHSA-C585-9W92-V4HM
Vulnerability from github – Published: 2026-04-06 21:31 – Updated: 2026-04-06 21:31
VLAI
Details
An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, 1580, W920, W930, and W1000. Improper synchronization on a global variable leads to a use-after-free. An attacker can trigger a race condition by invoking an ioctl function concurrently from multiple threads.
Severity
7.0 (High)
{
"affected": [],
"aliases": [
"CVE-2025-54602"
],
"database_specific": {
"cwe_ids": [
"CWE-362"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-04-06T20:16:20Z",
"severity": "HIGH"
},
"details": "An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, 1580, W920, W930, and W1000. Improper synchronization on a global variable leads to a use-after-free. An attacker can trigger a race condition by invoking an ioctl function concurrently from multiple threads.",
"id": "GHSA-c585-9w92-v4hm",
"modified": "2026-04-06T21:31:34Z",
"published": "2026-04-06T21:31:34Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-54602"
},
{
"type": "WEB",
"url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates"
},
{
"type": "WEB",
"url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-54602"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
WID-SEC-W-2026-0974
Vulnerability from csaf_certbund - Published: 2026-04-06 22:00 - Updated: 2026-06-01 22:00Summary
Samsung Android: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Das Android Betriebssystem ist eine quelloffene Plattform für mobile Geräte. Die Basis bildet der Linux-Kernel.
Angriff: Ein Angreifer kann mehrere Schwachstellen in Samsung Android ausnutzen, um seine Privilegien zu erhöhen, um Sicherheitsvorkehrungen zu umgehen, um Informationen offenzulegen, und um Dateien zu manipulieren.
Betroffene Betriebssysteme: - Sonstiges
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Samsung Android <SMR-APR-2026
Samsung / Android
|
<SMR-APR-2026 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Samsung Android <SMR-APR-2026
Samsung / Android
|
<SMR-APR-2026 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Samsung Android <SMR-APR-2026
Samsung / Android
|
<SMR-APR-2026 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Samsung Android <SMR-APR-2026
Samsung / Android
|
<SMR-APR-2026 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Samsung Android <SMR-APR-2026
Samsung / Android
|
<SMR-APR-2026 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Samsung Android <SMR-APR-2026
Samsung / Android
|
<SMR-APR-2026 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Samsung Android <SMR-APR-2026
Samsung / Android
|
<SMR-APR-2026 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Samsung Android <SMR-APR-2026
Samsung / Android
|
<SMR-APR-2026 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Samsung Android <SMR-APR-2026
Samsung / Android
|
<SMR-APR-2026 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Samsung Android <SMR-APR-2026
Samsung / Android
|
<SMR-APR-2026 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Samsung Android <SMR-APR-2026
Samsung / Android
|
<SMR-APR-2026 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Samsung Android <SMR-APR-2026
Samsung / Android
|
<SMR-APR-2026 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Samsung Android <SMR-APR-2026
Samsung / Android
|
<SMR-APR-2026 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Samsung Android <SMR-APR-2026
Samsung / Android
|
<SMR-APR-2026 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Samsung Android <SMR-APR-2026
Samsung / Android
|
<SMR-APR-2026 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Samsung Android <SMR-APR-2026
Samsung / Android
|
<SMR-APR-2026 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Samsung Android <SMR-APR-2026
Samsung / Android
|
<SMR-APR-2026 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Samsung Android <SMR-APR-2026
Samsung / Android
|
<SMR-APR-2026 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Samsung Android <SMR-APR-2026
Samsung / Android
|
<SMR-APR-2026 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Samsung Android <SMR-APR-2026
Samsung / Android
|
<SMR-APR-2026 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Samsung Android <SMR-APR-2026
Samsung / Android
|
<SMR-APR-2026 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Samsung Android <SMR-APR-2026
Samsung / Android
|
<SMR-APR-2026 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Samsung Android <SMR-APR-2026
Samsung / Android
|
<SMR-APR-2026 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Samsung Android <SMR-APR-2026
Samsung / Android
|
<SMR-APR-2026 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Samsung Android <SMR-APR-2026
Samsung / Android
|
<SMR-APR-2026 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Samsung Android <SMR-APR-2026
Samsung / Android
|
<SMR-APR-2026 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Samsung Android <SMR-APR-2026
Samsung / Android
|
<SMR-APR-2026 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Samsung Android <SMR-APR-2026
Samsung / Android
|
<SMR-APR-2026 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Samsung Android <SMR-APR-2026
Samsung / Android
|
<SMR-APR-2026 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Samsung Android <SMR-APR-2026
Samsung / Android
|
<SMR-APR-2026 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Samsung Android <SMR-APR-2026
Samsung / Android
|
<SMR-APR-2026 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Samsung Android <SMR-APR-2026
Samsung / Android
|
<SMR-APR-2026 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Samsung Android <SMR-APR-2026
Samsung / Android
|
<SMR-APR-2026 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Samsung Android <SMR-APR-2026
Samsung / Android
|
<SMR-APR-2026 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Samsung Android <SMR-APR-2026
Samsung / Android
|
<SMR-APR-2026 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Samsung Android <SMR-APR-2026
Samsung / Android
|
<SMR-APR-2026 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Samsung Android <SMR-APR-2026
Samsung / Android
|
<SMR-APR-2026 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Samsung Android <SMR-APR-2026
Samsung / Android
|
<SMR-APR-2026 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Samsung Android <SMR-APR-2026
Samsung / Android
|
<SMR-APR-2026 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Samsung Android <SMR-APR-2026
Samsung / Android
|
<SMR-APR-2026 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Samsung Android <SMR-APR-2026
Samsung / Android
|
<SMR-APR-2026 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Samsung Android <SMR-APR-2026
Samsung / Android
|
<SMR-APR-2026 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Samsung Android <SMR-APR-2026
Samsung / Android
|
<SMR-APR-2026 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Samsung Android <SMR-APR-2026
Samsung / Android
|
<SMR-APR-2026 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Samsung Android <SMR-APR-2026
Samsung / Android
|
<SMR-APR-2026 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Samsung Android <SMR-APR-2026
Samsung / Android
|
<SMR-APR-2026 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Samsung Android <SMR-APR-2026
Samsung / Android
|
<SMR-APR-2026 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Samsung Android <SMR-APR-2026
Samsung / Android
|
<SMR-APR-2026 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Samsung Android <SMR-APR-2026
Samsung / Android
|
<SMR-APR-2026 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Samsung Android <SMR-APR-2026
Samsung / Android
|
<SMR-APR-2026 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Samsung Android <SMR-APR-2026
Samsung / Android
|
<SMR-APR-2026 |
References
3 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Das Android Betriebssystem ist eine quelloffene Plattform f\u00fcr mobile Ger\u00e4te. Die Basis bildet der Linux-Kernel.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in Samsung Android ausnutzen, um seine Privilegien zu erh\u00f6hen, um Sicherheitsvorkehrungen zu umgehen, um Informationen offenzulegen, und um Dateien zu manipulieren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2026-0974 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0974.json"
},
{
"category": "self",
"summary": "WID-SEC-2026-0974 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0974"
},
{
"category": "external",
"summary": "Samsung Security Updates April 2026 vom 2026-04-06",
"url": "https://security.samsungmobile.com/securityUpdate.smsb"
}
],
"source_lang": "en-US",
"title": "Samsung Android: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-06-01T22:00:00.000+00:00",
"generator": {
"date": "2026-06-02T07:22:30.968+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.6.0"
}
},
"id": "WID-SEC-W-2026-0974",
"initial_release_date": "2026-04-06T22:00:00.000+00:00",
"revision_history": [
{
"date": "2026-04-06T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2026-04-07T22:00:00.000+00:00",
"number": "2",
"summary": "Referenz(en) aufgenommen: EUVD-2025-209267, EUVD-2025-209266"
},
{
"date": "2026-04-12T22:00:00.000+00:00",
"number": "3",
"summary": "Referenz(en) aufgenommen: GHSA-FF89-7R94-6Q4Q, EUVD-2026-21866, EUVD-2026-21862, EUVD-2026-21816, EUVD-2026-21858, EUVD-2026-21856, EUVD-2026-21864, EUVD-2026-21860"
},
{
"date": "2026-06-01T22:00:00.000+00:00",
"number": "4",
"summary": "Referenz(en) aufgenommen: EUVD-2026-33772, EUVD-2026-33784, EUVD-2026-33787, EUVD-2026-33776, EUVD-2026-33777, EUVD-2026-33778, EUVD-2026-33779, EUVD-2026-33782, EUVD-2026-33781, EUVD-2026-33783, EUVD-2026-33768, EUVD-2026-33769, EUVD-2026-33770, EUVD-2026-33771, EUVD-2026-33773, EUVD-2026-33774, EUVD-2025-210014, EUVD-2025-210009, EUVD-2025-210013, EUVD-2025-210008, EUVD-2026-33795, EUVD-2026-33796, EUVD-2026-33775, EUVD-2026-33767, EUVD-2025-210016"
}
],
"status": "final",
"version": "4"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cSMR-APR-2026",
"product": {
"name": "Samsung Android \u003cSMR-APR-2026",
"product_id": "T052424"
}
},
{
"category": "product_version",
"name": "SMR-APR-2026",
"product": {
"name": "Samsung Android SMR-APR-2026",
"product_id": "T052424-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:samsung:android:smr-apr-2026"
}
}
}
],
"category": "product_name",
"name": "Android"
}
],
"category": "vendor",
"name": "Samsung"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-20713",
"product_status": {
"known_affected": [
"T052424"
]
},
"release_date": "2026-04-06T22:00:00.000+00:00",
"title": "CVE-2023-20713"
},
{
"cve": "CVE-2025-22424",
"product_status": {
"known_affected": [
"T052424"
]
},
"release_date": "2026-04-06T22:00:00.000+00:00",
"title": "CVE-2025-22424"
},
{
"cve": "CVE-2025-22426",
"product_status": {
"known_affected": [
"T052424"
]
},
"release_date": "2026-04-06T22:00:00.000+00:00",
"title": "CVE-2025-22426"
},
{
"cve": "CVE-2025-47384",
"product_status": {
"known_affected": [
"T052424"
]
},
"release_date": "2026-04-06T22:00:00.000+00:00",
"title": "CVE-2025-47384"
},
{
"cve": "CVE-2025-47392",
"product_status": {
"known_affected": [
"T052424"
]
},
"release_date": "2026-04-06T22:00:00.000+00:00",
"title": "CVE-2025-47392"
},
{
"cve": "CVE-2025-48595",
"product_status": {
"known_affected": [
"T052424"
]
},
"release_date": "2026-04-06T22:00:00.000+00:00",
"title": "CVE-2025-48595"
},
{
"cve": "CVE-2025-48600",
"product_status": {
"known_affected": [
"T052424"
]
},
"release_date": "2026-04-06T22:00:00.000+00:00",
"title": "CVE-2025-48600"
},
{
"cve": "CVE-2025-48616",
"product_status": {
"known_affected": [
"T052424"
]
},
"release_date": "2026-04-06T22:00:00.000+00:00",
"title": "CVE-2025-48616"
},
{
"cve": "CVE-2025-48649",
"product_status": {
"known_affected": [
"T052424"
]
},
"release_date": "2026-04-06T22:00:00.000+00:00",
"title": "CVE-2025-48649"
},
{
"cve": "CVE-2025-48651",
"product_status": {
"known_affected": [
"T052424"
]
},
"release_date": "2026-04-06T22:00:00.000+00:00",
"title": "CVE-2025-48651"
},
{
"cve": "CVE-2025-52908",
"product_status": {
"known_affected": [
"T052424"
]
},
"release_date": "2026-04-06T22:00:00.000+00:00",
"title": "CVE-2025-52908"
},
{
"cve": "CVE-2025-52909",
"product_status": {
"known_affected": [
"T052424"
]
},
"release_date": "2026-04-06T22:00:00.000+00:00",
"title": "CVE-2025-52909"
},
{
"cve": "CVE-2025-54601",
"product_status": {
"known_affected": [
"T052424"
]
},
"release_date": "2026-04-06T22:00:00.000+00:00",
"title": "CVE-2025-54601"
},
{
"cve": "CVE-2025-54602",
"product_status": {
"known_affected": [
"T052424"
]
},
"release_date": "2026-04-06T22:00:00.000+00:00",
"title": "CVE-2025-54602"
},
{
"cve": "CVE-2025-64505",
"product_status": {
"known_affected": [
"T052424"
]
},
"release_date": "2026-04-06T22:00:00.000+00:00",
"title": "CVE-2025-64505"
},
{
"cve": "CVE-2025-64720",
"product_status": {
"known_affected": [
"T052424"
]
},
"release_date": "2026-04-06T22:00:00.000+00:00",
"title": "CVE-2025-64720"
},
{
"cve": "CVE-2025-65018",
"product_status": {
"known_affected": [
"T052424"
]
},
"release_date": "2026-04-06T22:00:00.000+00:00",
"title": "CVE-2025-65018"
},
{
"cve": "CVE-2026-0016",
"product_status": {
"known_affected": [
"T052424"
]
},
"release_date": "2026-04-06T22:00:00.000+00:00",
"title": "CVE-2026-0016"
},
{
"cve": "CVE-2026-0018",
"product_status": {
"known_affected": [
"T052424"
]
},
"release_date": "2026-04-06T22:00:00.000+00:00",
"title": "CVE-2026-0018"
},
{
"cve": "CVE-2026-0036",
"product_status": {
"known_affected": [
"T052424"
]
},
"release_date": "2026-04-06T22:00:00.000+00:00",
"title": "CVE-2026-0036"
},
{
"cve": "CVE-2026-0039",
"product_status": {
"known_affected": [
"T052424"
]
},
"release_date": "2026-04-06T22:00:00.000+00:00",
"title": "CVE-2026-0039"
},
{
"cve": "CVE-2026-0040",
"product_status": {
"known_affected": [
"T052424"
]
},
"release_date": "2026-04-06T22:00:00.000+00:00",
"title": "CVE-2026-0040"
},
{
"cve": "CVE-2026-0041",
"product_status": {
"known_affected": [
"T052424"
]
},
"release_date": "2026-04-06T22:00:00.000+00:00",
"title": "CVE-2026-0041"
},
{
"cve": "CVE-2026-0042",
"product_status": {
"known_affected": [
"T052424"
]
},
"release_date": "2026-04-06T22:00:00.000+00:00",
"title": "CVE-2026-0042"
},
{
"cve": "CVE-2026-0043",
"product_status": {
"known_affected": [
"T052424"
]
},
"release_date": "2026-04-06T22:00:00.000+00:00",
"title": "CVE-2026-0043"
},
{
"cve": "CVE-2026-0044",
"product_status": {
"known_affected": [
"T052424"
]
},
"release_date": "2026-04-06T22:00:00.000+00:00",
"title": "CVE-2026-0044"
},
{
"cve": "CVE-2026-0045",
"product_status": {
"known_affected": [
"T052424"
]
},
"release_date": "2026-04-06T22:00:00.000+00:00",
"title": "CVE-2026-0045"
},
{
"cve": "CVE-2026-0046",
"product_status": {
"known_affected": [
"T052424"
]
},
"release_date": "2026-04-06T22:00:00.000+00:00",
"title": "CVE-2026-0046"
},
{
"cve": "CVE-2026-0048",
"product_status": {
"known_affected": [
"T052424"
]
},
"release_date": "2026-04-06T22:00:00.000+00:00",
"title": "CVE-2026-0048"
},
{
"cve": "CVE-2026-0049",
"product_status": {
"known_affected": [
"T052424"
]
},
"release_date": "2026-04-06T22:00:00.000+00:00",
"title": "CVE-2026-0049"
},
{
"cve": "CVE-2026-0050",
"product_status": {
"known_affected": [
"T052424"
]
},
"release_date": "2026-04-06T22:00:00.000+00:00",
"title": "CVE-2026-0050"
},
{
"cve": "CVE-2026-0052",
"product_status": {
"known_affected": [
"T052424"
]
},
"release_date": "2026-04-06T22:00:00.000+00:00",
"title": "CVE-2026-0052"
},
{
"cve": "CVE-2026-0055",
"product_status": {
"known_affected": [
"T052424"
]
},
"release_date": "2026-04-06T22:00:00.000+00:00",
"title": "CVE-2026-0055"
},
{
"cve": "CVE-2026-0056",
"product_status": {
"known_affected": [
"T052424"
]
},
"release_date": "2026-04-06T22:00:00.000+00:00",
"title": "CVE-2026-0056"
},
{
"cve": "CVE-2026-0058",
"product_status": {
"known_affected": [
"T052424"
]
},
"release_date": "2026-04-06T22:00:00.000+00:00",
"title": "CVE-2026-0058"
},
{
"cve": "CVE-2026-0059",
"product_status": {
"known_affected": [
"T052424"
]
},
"release_date": "2026-04-06T22:00:00.000+00:00",
"title": "CVE-2026-0059"
},
{
"cve": "CVE-2026-0067",
"product_status": {
"known_affected": [
"T052424"
]
},
"release_date": "2026-04-06T22:00:00.000+00:00",
"title": "CVE-2026-0067"
},
{
"cve": "CVE-2026-0079",
"product_status": {
"known_affected": [
"T052424"
]
},
"release_date": "2026-04-06T22:00:00.000+00:00",
"title": "CVE-2026-0079"
},
{
"cve": "CVE-2026-0080",
"product_status": {
"known_affected": [
"T052424"
]
},
"release_date": "2026-04-06T22:00:00.000+00:00",
"title": "CVE-2026-0080"
},
{
"cve": "CVE-2026-20431",
"product_status": {
"known_affected": [
"T052424"
]
},
"release_date": "2026-04-06T22:00:00.000+00:00",
"title": "CVE-2026-20431"
},
{
"cve": "CVE-2026-20433",
"product_status": {
"known_affected": [
"T052424"
]
},
"release_date": "2026-04-06T22:00:00.000+00:00",
"title": "CVE-2026-20433"
},
{
"cve": "CVE-2026-20435",
"product_status": {
"known_affected": [
"T052424"
]
},
"release_date": "2026-04-06T22:00:00.000+00:00",
"title": "CVE-2026-20435"
},
{
"cve": "CVE-2026-21003",
"product_status": {
"known_affected": [
"T052424"
]
},
"release_date": "2026-04-06T22:00:00.000+00:00",
"title": "CVE-2026-21003"
},
{
"cve": "CVE-2026-21006",
"product_status": {
"known_affected": [
"T052424"
]
},
"release_date": "2026-04-06T22:00:00.000+00:00",
"title": "CVE-2026-21006"
},
{
"cve": "CVE-2026-21007",
"product_status": {
"known_affected": [
"T052424"
]
},
"release_date": "2026-04-06T22:00:00.000+00:00",
"title": "CVE-2026-21007"
},
{
"cve": "CVE-2026-21008",
"product_status": {
"known_affected": [
"T052424"
]
},
"release_date": "2026-04-06T22:00:00.000+00:00",
"title": "CVE-2026-21008"
},
{
"cve": "CVE-2026-21009",
"product_status": {
"known_affected": [
"T052424"
]
},
"release_date": "2026-04-06T22:00:00.000+00:00",
"title": "CVE-2026-21009"
},
{
"cve": "CVE-2026-21010",
"product_status": {
"known_affected": [
"T052424"
]
},
"release_date": "2026-04-06T22:00:00.000+00:00",
"title": "CVE-2026-21010"
},
{
"cve": "CVE-2026-21011",
"product_status": {
"known_affected": [
"T052424"
]
},
"release_date": "2026-04-06T22:00:00.000+00:00",
"title": "CVE-2026-21011"
},
{
"cve": "CVE-2026-21012",
"product_status": {
"known_affected": [
"T052424"
]
},
"release_date": "2026-04-06T22:00:00.000+00:00",
"title": "CVE-2026-21012"
},
{
"cve": "CVE-2026-21381",
"product_status": {
"known_affected": [
"T052424"
]
},
"release_date": "2026-04-06T22:00:00.000+00:00",
"title": "CVE-2026-21381"
}
]
}
WID-SEC-W-2026-0981
Vulnerability from csaf_certbund - Published: 2026-04-06 22:00 - Updated: 2026-04-06 22:00Summary
Samsung Exynos: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Exynos ist der Markenname für Samsung-Mobilfunk-Chipsätze und Prozessoren.
Angriff: Ein Angreifer kann mehrere Schwachstellen in Samsung Exynos ausnutzen, um einen Denial of Service Angriff durchzuführen, und potenziell um beliebigen Programmcode auszuführen.
Betroffene Betriebssysteme: - Sonstiges
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Samsung Exynos
Samsung
|
cpe:/h:samsung:exynos:-
|
— |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Samsung Exynos
Samsung
|
cpe:/h:samsung:exynos:-
|
— |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Samsung Exynos
Samsung
|
cpe:/h:samsung:exynos:-
|
— |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Samsung Exynos
Samsung
|
cpe:/h:samsung:exynos:-
|
— |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Samsung Exynos
Samsung
|
cpe:/h:samsung:exynos:-
|
— |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Samsung Exynos
Samsung
|
cpe:/h:samsung:exynos:-
|
— |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Samsung Exynos
Samsung
|
cpe:/h:samsung:exynos:-
|
— |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Samsung Exynos
Samsung
|
cpe:/h:samsung:exynos:-
|
— |
References
11 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Exynos ist der Markenname f\u00fcr Samsung-Mobilfunk-Chips\u00e4tze und Prozessoren.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in Samsung Exynos ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren, und potenziell um beliebigen Programmcode auszuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2026-0981 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0981.json"
},
{
"category": "self",
"summary": "WID-SEC-2026-0981 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0981"
},
{
"category": "external",
"summary": "Samsung Product Security Update April 2026 vom 2026-04-06",
"url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/"
},
{
"category": "external",
"summary": "Samsung CVE-2025-54324 vom 2026-04-06",
"url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-54324/"
},
{
"category": "external",
"summary": "Samsung CVE-2025-54328 vom 2026-04-06",
"url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-54328/"
},
{
"category": "external",
"summary": "Samsung CVE-2025-54601 vom 2026-04-06",
"url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-54601/"
},
{
"category": "external",
"summary": "Samsung CVE-2025-54602 vom 2026-04-06",
"url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-54602/"
},
{
"category": "external",
"summary": "Samsung CVE-2025-57834 vom 2026-04-06",
"url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-57834/"
},
{
"category": "external",
"summary": "Samsung CVE-2025-57835 vom 2026-04-06",
"url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-57835/"
},
{
"category": "external",
"summary": "Samsung CVE-2025-58349 vom 2026-04-06",
"url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-58349/"
},
{
"category": "external",
"summary": "Samsung CVE-2025-59440 vom 2026-04-06",
"url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-59440/"
}
],
"source_lang": "en-US",
"title": "Samsung Exynos: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-04-06T22:00:00.000+00:00",
"generator": {
"date": "2026-04-07T11:29:29.677+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2026-0981",
"initial_release_date": "2026-04-06T22:00:00.000+00:00",
"revision_history": [
{
"date": "2026-04-06T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Samsung Exynos",
"product": {
"name": "Samsung Exynos",
"product_id": "T052433",
"product_identification_helper": {
"cpe": "cpe:/h:samsung:exynos:-"
}
}
}
],
"category": "vendor",
"name": "Samsung"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-54324",
"product_status": {
"known_affected": [
"T052433"
]
},
"release_date": "2026-04-06T22:00:00.000+00:00",
"title": "CVE-2025-54324"
},
{
"cve": "CVE-2025-54328",
"product_status": {
"known_affected": [
"T052433"
]
},
"release_date": "2026-04-06T22:00:00.000+00:00",
"title": "CVE-2025-54328"
},
{
"cve": "CVE-2025-54601",
"product_status": {
"known_affected": [
"T052433"
]
},
"release_date": "2026-04-06T22:00:00.000+00:00",
"title": "CVE-2025-54601"
},
{
"cve": "CVE-2025-54602",
"product_status": {
"known_affected": [
"T052433"
]
},
"release_date": "2026-04-06T22:00:00.000+00:00",
"title": "CVE-2025-54602"
},
{
"cve": "CVE-2025-57834",
"product_status": {
"known_affected": [
"T052433"
]
},
"release_date": "2026-04-06T22:00:00.000+00:00",
"title": "CVE-2025-57834"
},
{
"cve": "CVE-2025-57835",
"product_status": {
"known_affected": [
"T052433"
]
},
"release_date": "2026-04-06T22:00:00.000+00:00",
"title": "CVE-2025-57835"
},
{
"cve": "CVE-2025-58349",
"product_status": {
"known_affected": [
"T052433"
]
},
"release_date": "2026-04-06T22:00:00.000+00:00",
"title": "CVE-2025-58349"
},
{
"cve": "CVE-2025-59440",
"product_status": {
"known_affected": [
"T052433"
]
},
"release_date": "2026-04-06T22:00:00.000+00:00",
"title": "CVE-2025-59440"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…