What is the CVSS score of CVE-2025-23105?

CVE-2025-23105 has a CVSS 3.1 base score of 7.8 (High). CVSS vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 0.0%.

Which versions of Exynos 1480 Firmware are affected by CVE-2025-23105?

A high-severity privilege escalation vulnerability affects Samsung mobile processors (Exynos 2200, 1480, and 2400) with no available patch.

How to fix or mitigate CVE-2025-23105?

Within 24 hours: inventory all Samsung devices using affected Exynos processors and restrict their use on critical networks; notify device users of the risk. Within 7 days: evaluate alternate devices for sensitive operations; establish a vendor communication protocol to track patch availability. Within 30 days: develop a device replacement or containment strategy; implement enhanced monitoring for compromised devices; establish clear escalation procedures if exploitation is detected.

Exynos 1480 Firmware CVE-2025-23105

EUVD-2025-16678 HIGH

Incorrect Default Permissions (CWE-276)

2025-06-02 cve@mitre.org

Privilege Escalation Use After Free Samsung Exynos 1480 Firmware Exynos 2200 Firmware Exynos 2400 Firmware

7.8

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

EUVD ID Assigned

Mar 14, 2026 - 16:47 euvd

EUVD-2025-16678

Analysis Generated

Mar 14, 2026 - 16:47 vuln.today

CVE Published

Jun 02, 2025 - 19:15 nvd

HIGH 7.8

DescriptionNVD

An issue was discovered in Samsung Mobile Processor Exynos 2200, 1480, and 2400. A Use-After-Free in the mobile processor leads to privilege escalation.

AnalysisAI

Use-after-free vulnerability in Samsung's Exynos mobile processors (2200, 1480, and 2400) that allows a local attacker with low privileges to escalate to higher privileges and potentially achieve code execution with full system compromise. The vulnerability requires local access but no user interaction, making it a significant privilege escalation vector for devices running affected processor versions. The CVSS 7.8 rating reflects the high confidentiality, integrity, and availability impacts achievable through privilege escalation on mobile devices where such attacks directly threaten user data and system security.

Technical ContextAI

Use-after-free (UAF) vulnerabilities occur when a program references memory that has been freed, allowing attackers to read, write, or execute arbitrary code by controlling the contents of the freed memory region. In the context of Samsung Exynos processors, this vulnerability likely exists in firmware or kernel-level code responsible for memory management within the mobile processor's subsystems. The CWE-276 classification (Incorrect Default Access Control and Privilege Assignment) combined with the UAF pattern suggests the vulnerability involves improper access controls around freed memory resources in processor firmware or driver code. The Exynos 2200 (used in Galaxy S22 series), 1480 (older flagship processor), and 2400 (newer generation) all share architectural similarities that expose them to the same root cause. This is a firmware/hardware-level vulnerability affecting the System-on-Chip (SoC) rather than application-level code, making it particularly dangerous as it operates below standard OS-level protections.

RemediationAI

Patch through Samsung security updates: (1) Deploy firmware/kernel security patches released by Samsung for affected Exynos processors—these are typically distributed via OTA (over-the-air) updates and monthly security patches; (2) Ensure devices are updated to the latest available security patch level for the respective processor version (e.g., latest 2024-2025 patches for Exynos 2200/2400); (3) Enable all available OS-level security features: SELinux enforcement, address space layout randomization (ASLR), and DEP/NX protections, though these are OS-level and may not fully mitigate processor-level UAF; (4) Implement app permission restrictions and disable installation from unknown sources to reduce local attack surface; (5) Workarounds pending patch: restrict app installations to verified sources only, monitor for unusual privilege escalation attempts via SELinux audit logs if accessible. No specific workaround exists for processor firmware vulnerabilities—patching is mandatory. Contact Samsung support or check security.samsung.com for patch availability and release timelines for your specific device model.