Samsung CVE-2025-54328

EUVD-2025-209243, CRITICAL
Stack-based Buffer Overflow (CWE-121)
2026-04-06 mitre GHSA-3p7h-7569-cp4p
CVSS 3.1: 10.0

CVSS Vector (NVD)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Changed
Confidentiality: High
Integrity: High
Availability: High

Lifecycle Timeline

EUVD ID Assigned: Apr 06, 2026 - 19:30 (euvd), EUVD-2025-209243
Analysis Generated: Apr 06, 2026 - 19:30 (vuln.today)
CVE Published: Apr 06, 2026 - 00:00 (nvd), CRITICAL 10.0

Description (NVD)

An issue was discovered in SMS in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. A Stack-based Buffer Overflow occurs while parsing SMS RP-DATA messages.

Analysis (AI)

Stack-based buffer overflow in Samsung Exynos chipset SMS message processing allows remote attackers to execute arbitrary code or crash devices via malformed SMS RP-DATA messages. Affects 22 Exynos processor and modem variants across mobile, wearable, and IoT devices, and requires no user interaction. CVSS 10.0 with network attack vector (AV:N), no privileges required (PR:N), scope change, and full system impact. EPSS and exploitation status are not provided, but the SSVC framework indicates an automatable attack with total technical impact. No public exploit identified at time of analysis, though the vulnerability class (CWE-121 stack buffer overflow in SMS parsing) has high weaponization potential.

Technical Context (AI)

This vulnerability affects the SMS Radio Protocol (RP-DATA) message parser in Samsung's Exynos baseband processors and standalone modems. The RP-DATA layer handles SMS message routing and delivery at the cellular network protocol stack level, operating below the application layer. CWE-121 stack-based buffer overflows occur when unchecked input data exceeds allocated stack memory boundaries, allowing attackers to overwrite return addresses and execute arbitrary code. The affected components span Samsung's entire Exynos lineup from 2019-2024: flagship processors (980, 990, 1080, 2100, 2200, 2400, 2500), mid-range chips (850, 1280, 1330, 1380, 1480, 1580), wearable processors (W920, W930, W1000), IoT processors (9110), and standalone 5G modems (5123, 5300, 5400). The vulnerability exists in firmware-level code that processes cellular network messages before any application-layer filtering, making it exploitable via SMS delivery without requiring the message to be opened or viewed.
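The length checks a parser of this kind needs, as an added example (not Samsung's firmware code and not taken from the advisory, which does not say which field is affected). The RP-DATA field order, the message type value and the size limits are assumptions taken from 3GPP TS 24.011; all function, struct and sample names are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Limits assumed from 3GPP TS 24.011; the advisory states none. */
#define RP_ADDR_MAX 11   /* address octets after the length octet */
#define RP_UD_MAX   233  /* TPDU octets after the length octet */

struct rp_data {
    uint8_t msg_ref, orig_len, dest_len, ud_len;
    uint8_t orig[RP_ADDR_MAX], dest[RP_ADDR_MAX], ud[RP_UD_MAX];
};

/* Copy one LV element; -1 if its length exceeds dst or the input. */
static int read_lv(const uint8_t *buf, size_t len, size_t *off,
                   uint8_t *dst, size_t cap, uint8_t *out_len)
{
    if (*off >= len) return -1;              /* length octet missing */
    size_t n = buf[(*off)++];
    if (n > cap || n > len - *off) return -1;
    memcpy(dst, buf + *off, n);
    *off += n;
    *out_len = (uint8_t)n;
    return 0;
}

/* Parse a network-to-MS RP-DATA message: 0 = accepted, -1 = rejected. */
int rp_data_parse(const uint8_t *buf, size_t len, struct rp_data *out)
{
    size_t off = 2;
    if (len < 2 || (buf[0] & 0x07) != 0x01) return -1;  /* MTI 001 */
    out->msg_ref = buf[1];
    if (read_lv(buf, len, &off, out->orig, RP_ADDR_MAX, &out->orig_len) ||
        read_lv(buf, len, &off, out->dest, RP_ADDR_MAX, &out->dest_len) ||
        read_lv(buf, len, &off, out->ud, RP_UD_MAX, &out->ud_len))
        return -1;
    return off == len ? 0 : -1;              /* strict: no trailing octets */
}

/* Constructed samples, not captured traffic. */
const uint8_t SAMPLE_OK[] = {0x01, 0x2A, 0x04, 0x91, 0x21, 0x43, 0x65,
                             0x00, 0x03, 0xAA, 0xBB, 0xCC};
const uint8_t SAMPLE_OVERSIZE[] = {0x01, 0x2A, 0x40, 0x91, 0x21, 0x43};
const uint8_t SAMPLE_TRUNCATED[] = {0x01, 0x2A, 0x04, 0x91};

int rp_data_check(const uint8_t *buf, size_t len)
{
    struct rp_data m;
    return rp_data_parse(buf, len, &m);
}
```

Each length octet is checked against both the fixed destination size and the octets actually received before any copy, which is the check whose absence defines CWE-121.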

Remediation (AI)

Apply firmware updates from Samsung Semiconductor as published in their Product Security Updates portal at https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-54328/. For end-user devices (smartphones, wearables), install security patches distributed through device manufacturer OTA updates, which may be labeled with Samsung's SMR (Security Maintenance Release) identifiers. Device manufacturers using affected Exynos components should coordinate with Samsung for patched baseband firmware versions. Vendor-released patch availability confirmed per advisory, though specific fixed firmware versions are not publicly enumerated in available references. No effective workarounds exist as the vulnerability resides in baseband firmware SMS processing that cannot be disabled without losing cellular functionality. Organizations managing affected devices should prioritize patch deployment and monitor Samsung's security portal for updated guidance. Network-level SMS filtering is impractical as legitimate SMS traffic must reach devices.
