Samsung has released a security update to patch a critical zero-day vulnerability that was actively exploited in attacks against its Android devices.
The flaw, tracked as CVE-2025-21043, affects Samsung smartphones running Android 13 or later. It was reported by security teams from Meta and WhatsApp on August 13 and is caused by an out-of-bounds write in libimagecodec.quram.so, a closed-source image parsing library developed by Quramsoft. Exploiting this weakness could allow attackers to execute malicious code remotely on affected devices.
Samsung confirmed that an exploit for this issue had been used in the wild, though it did not specify whether the attacks were limited to WhatsApp users. Other messaging apps that rely on the same image parsing library may also be at risk.
This development comes shortly after WhatsApp patched a zero-click vulnerability (CVE-2025-55177) in its iOS and macOS clients, which was chained with an Apple zero-day flaw (CVE-2025-43300) in highly targeted spyware attacks. Amnesty International’s Security Lab said WhatsApp warned some users that they had been targeted in this campaign.
Samsung’s patch is part of the September 2025 Security Maintenance Release, and users are strongly advised to update their devices immediately.
Earlier this month, attackers also began exploiting another Samsung vulnerability (CVE-2024-7399) in its MagicINFO 9 Server, highlighting the growing focus of hackers on Samsung’s ecosystem.