Actively Exploited in the Wild

This vulnerability is being actively exploited in the wild.

Primary

Context

Samsung Mobile Out-of-Bounds Write Vulnerability in libimagecodec.quram.so Allowing Remote Code Execution

Vulnerability

Exploited

A critical out-of-bounds write vulnerability has been identified in the library libimagecodec.quram.so, affecting several different versions prior to the Samsung Security Maintenance Release (SMR) in April 2025. This vulnerability allows remote attackers to execute arbitrary code on the affected devices.

Impact

Exploitation of this vulnerability could lead to arbitrary code execution on the affected device.

Remediation

Users can apply the April 2025 Security Maintenance Release (SMR) to address this vulnerability. This update is part of the monthly security update process and includes patches from both Google and Samsung.

Added: Sep 12, 2025, 8:18 AM

Updated: Nov 10, 2025, 6:40 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

8.1

remediation

0.0

relevance

0.5

threat

8.1

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

8.1

remediation

0.0

relevance

0.5

threat

8.1

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Actively Exploited in the Wild

Samsung Mobile Out-of-Bounds Write Vulnerability in libimagecodec.quram.so Allowing Remote Code Execution

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating