Samsung Fixes Image Parsing Vulnerability Exploited in Android Attacks

Samsung patched CVE-2025-21043, a critical flaw in its Android devices exploited in live attacks. Users urged to install September 2025 update.

HackRead

Samsung has patched a serious security vulnerability that hackers were already using in live attacks against its Android devices. The issue, tracked as CVE-2025-21043, was first reported in August 2025 by the security teams at Meta and WhatsApp and has since been confirmed as a critical remote code execution vulnerability.

According to Samsung, the vulnerability was found in libimagecodec.quram.so, a closed-source image parsing library created by Quramsoft, a software company in Yongin, South Korea.

The vulnerability, an out-of-bounds write weakness, gave attackers a way to push malicious code onto vulnerable devices by sending specially prepared image files. In practice, this means that a user could be compromised without knowingly opening or downloading anything suspicious.

Samsung did not confirm whether attackers were targeting only WhatsApp users. However, the library is also used by other messaging apps, and attackers could try different ways to exploit it, which is why the flaw has been classified as critical.

In August, WhatsApp patched another serious flaw (CVE-2025-55177), a zero-click vulnerability on iOS and macOS that was chained with an Apple zero-day in highly targeted campaigns.

As for CVE-2025-21043, the company has now addressed the issue as part of its September 2025 Security Maintenance Release. Along with this fix, the update includes patches from Google and Samsung’s own semiconductor division, covering a long list of high and critical flaws affecting Android 13 through Android 16 devices.

Security experts are emphasising the importance of applying this update as soon as possible. Ms. Nivedita Murthy, Senior Staff Consultant at Black Duck, explained that vulnerabilities like this one can give attackers a direct line to user data.

“Both Samsung and WhatsApp have released patches to address this issue. Organisations should remain vigilant for new vulnerabilities to protect application security without compromise. Users should ensure their devices and installed software are updated to the latest versions. Keeping devices up to date is a fundamental aspect of basic security hygiene; users should follow system notifications to stay current,” she said.

Samsung users must check for the September 2025 security update and install it promptly. As always, timely patching is the best defence against known and unknown cybersecurity threats.
