Detections
Analytics
CVE-2025-21042
critical
Description
Out-of-bounds write in libimagecodec.quram.so prior to SMR Apr-2025 Release 1 allows remote attackers to execute arbitrary code.
References
https://www.infosecurity-magazine.com/news/cisa-zeroday-bugspyware-attacks-kev/
https://www.helpnetsecurity.com/2025/11/11/samsung-spyware-cve-2025-21042/
https://hackread.com/landfall-spyware-samsung-galaxy-malicious-images/
https://www.theregister.com/2025/11/07/landfall_spyware_samsung_0days/
https://www.securityweek.com/landfall-android-spyware-targeted-samsung-phones-via-zero-day/
https://www.databreachtoday.com/samsung-zero-day-flaw-exploited-by-landfall-spyware-a-29963
https://www.darkreading.com/mobile-security/landfall-malware-targeted-samsung-galaxy-users
https://therecord.media/landfall-spyware-middle-east-appears-commercial-grade
https://thehackernews.com/2025/11/samsung-zero-click-flaw-exploited-to.html