CVE-2025-27374 – Samsung Exynos Processors Secure Boot Component Out-of-Bounds Write Vulnerability

Vulnerability

A high-severity vulnerability has been identified in the Secure Boot component of various Samsung Mobile and Wearable Processors, including Exynos 9820, 9825, 980, 990, 850, 1080, 1280, 2200, 1330, 1380, 1480, and 2400. The issue arises from a lack of proper length validation, leading to out-of-bounds write operations.

Impact

The vulnerability allows for out-of-bounds write operations, which can potentially be exploited to execute arbitrary code or cause a denial-of-service condition.

Added: Nov 4, 2025, 9:26 PM

Updated: Nov 4, 2025, 10:19 PM

Affected Products

Samsung Exynos 9820

0 remedies

cpe:2.3:h:samsung:exynos_9820:*:*:*:*:*:*:*, +1 more

0 remedies

Samsung Exynos 9825

0 remedies

cpe:2.3:h:samsung:exynos_9825:*:*:*:*:*:*:*, +1 more

0 remedies

Samsung Exynos 980

0 remedies

cpe:2.3:h:samsung:exynos_980:*:*:*:*:*:*:*, +1 more

0 remedies

Samsung Exynos 990

0 remedies

cpe:2.3:h:samsung:exynos_990:*:*:*:*:*:*:*, +1 more

0 remedies

Samsung Exynos 850

0 remedies

cpe:2.3:h:samsung:exynos_850:*:*:*:*:*:*:*, +1 more

0 remedies

Samsung Exynos 1080

0 remedies

cpe:2.3:h:samsung:exynos_1080:*:*:*:*:*:*:*, +1 more

0 remedies

Samsung Exynos 1280

0 remedies

cpe:2.3:h:samsung:exynos_1280:*:*:*:*:*:*:*, +1 more

0 remedies

Samsung Exynos 2200

0 remedies

cpe:2.3:h:samsung:exynos_2200:*:*:*:*:*:*:*, +1 more

0 remedies

Samsung Exynos 1330

0 remedies

cpe:2.3:h:samsung:exynos_1330:*:*:*:*:*:*:*, +1 more

0 remedies

Samsung Exynos 1380

0 remedies

cpe:2.3:h:samsung:exynos_1380:*:*:*:*:*:*:*, +1 more

0 remedies

Samsung Exynos 1480

0 remedies

cpe:2.3:h:samsung:exynos_1480:*:*:*:*:*:*:*, +1 more

0 remedies

Samsung Exynos 2400

0 remedies

cpe:2.3:h:samsung:exynos_2400:*:*:*:*:*:*:*, +1 more

0 remedies

CVSS Scores

volerion

6.8

CVSS 4.0

6.8

Medium

volerion

5.5

CVSS 3.1

5.5

Medium

CISA-ADP

5.3

CVSS 3.1

5.3

Medium

Click a row to open the calculator.

References

https://semiconductor.samsung.com/support/quality-support/product-security-updates/

BundleVendor

https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-27374/

AdvisoryVendor

Showing 1-2 of 2 references

Samsung Exynos Processors Secure Boot Component Out-of-Bounds Write Vulnerability

Vulnerability

Impact

Affected Products

Samsung Exynos 9820

Samsung Exynos 9825

Samsung Exynos 980

Samsung Exynos 990

Samsung Exynos 850

Samsung Exynos 1080

Samsung Exynos 1280

Samsung Exynos 2200

Samsung Exynos 1330

Samsung Exynos 1380

Samsung Exynos 1480

Samsung Exynos 2400

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating