CVE-2021-25346

7.1 HIGH

📋 TL;DR

This vulnerability in Samsung's quram library allows attackers to overwrite arbitrary memory locations, potentially leading to arbitrary code execution. It affects Samsung mobile devices running versions prior to the January 2021 security update. The vulnerability requires local access to the device.

💻 Affected Systems

Products:
  • Samsung mobile devices
Versions: prior to SMR Jan-2021 Release 1
Operating Systems: Android with Samsung modifications
Default Config Vulnerable: ⚠️ Yes
Notes: Requires local access to device; exploitation typically through malicious apps.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete device compromise with the attacker gaining full control, data theft, and persistent backdoor installation.

🟠 Likely Case: Privilege escalation from a lower-privileged app to system-level access, enabling data access and further exploitation.

🟢 If Mitigated: Limited impact, since proper app sandboxing and security controls prevent exploitation of the memory corruption.

🌐 Internet-Facing: LOW
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires local access and likely app installation; no public exploit code available.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: SMR Jan-2021 Release 1 or later

Vendor Advisory: https://security.samsungmobile.com/securityUpdate.smsb

Restart Required: Yes

Instructions:

1. Check for system updates in device settings.
2. Install the January 2021 security update or later.
3. Reboot the device after installation.

🔧 Temporary Workarounds

Restrict app installations (all)
  • Only install apps from trusted sources like the Google Play Store

Disable unknown sources (all)
  • Prevent installation of apps from unknown sources in device settings

🧯 If You Can't Patch

  • Isolate affected devices from sensitive networks and data
  • Implement mobile device management with strict app control policies

🔍 How to Verify

Check if Vulnerable:

Check device security patch level in Settings > About phone > Software information

Check Version:

Not applicable - check through device settings UI

Verify Fix Applied:

Verify security patch level shows January 2021 or later date

📡 Detection & Monitoring

Log Indicators:

  • Unexpected process crashes in quram library
  • Memory access violations in system logs

Network Indicators:

  • Unusual outbound connections from system processes

SIEM Query:

Not applicable - primarily local device exploitation
