Samsung has released its monthly security updates for Android, including a fix for a security vulnerability that it said has been exploited in zero-day attacks.
The vulnerability, CVE-2025-21043 (CVSS score: 8.8), concerns an out-of-bounds write that could result in arbitrary code execution.
“Out-of-bounds Write in libimagecodec.quram.so prior to SMR Sep-2025 Release 1 allows remote attackers to execute arbitrary code,” Samsung said in an advisory. “The patch fixed the incorrect implementation.”
According to a 2020 report from Google Project Zero, libimagecodec.quram.so is a closed-source image parsing library developed by Quramsoft that implements support for various image formats.
The critical-rated issue, per the South Korean electronics giant, affects Android versions 13, 14, 15, and 16. The vulnerability was privately disclosed to the company on August 13, 2025.
Samsung did not share any specifics on how the vulnerability is being exploited in attacks and who may be behind these efforts. However, it acknowledged that “an exploit for this issue has existed in the wild.”
The development comes shortly after Google said it resolved two security flaws in Android (CVE-2025-38352 and CVE-2025-48543) that it said have been exploited in targeted attacks.
