Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
3DescriptionCVE.org
An issue was discovered in RRC in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. Improper memory initialization results in an illegal memory access, causing a system crash via a malformed RRCReconfiguration message.
AnalysisAI
System crash in Samsung Exynos processors (980/990/850/1080/2100/1280/2200/1330/1380/1480/2400/1580/2500/9110, Wearable W920/W930/W1000, Modems 5123/5300/5400) allows unauthenticated remote attackers to trigger denial-of-service via malformed RRCReconfiguration message exploiting improper memory initialization in the Radio Resource Control (RRC) layer. No public exploit identified at time of analysis. EPSS score of 0.02% (5th percentile) indicates very low probability of imminent exploitation despite network-reachable attack surface and low complexity (CVSS 7.5, AV:N/AC:L/PR:N).
Technical ContextAI
This vulnerability resides in the RRC (Radio Resource Control) protocol implementation within Samsung Exynos baseband processors and modems. RRC is a critical Layer 3 signaling protocol in cellular networks (LTE/5G) responsible for connection management, mobility, and radio bearer configuration. The flaw stems from CWE-20 (Improper Input Validation), specifically inadequate memory initialization when processing RRCReconfiguration messages from the network. When a malformed RRCReconfiguration message is received, uninitialized memory regions are accessed illegally, triggering undefined behavior that crashes the modem subsystem. The affected CPE strings indicate this impacts both mobile processors (flagship 2100/2200/2400/2500 series, mid-range 1080/1280/1380/1480/1580 series, entry-level 850/980/990) and standalone modem chipsets (5123/5300/5400), plus wearable processors (W920/W930/W1000). The vulnerability operates at the cellular baseband level, making it accessible from any device capable of transmitting cellular signaling messages on the same network cell.
RemediationAI
Apply firmware updates from Samsung Semiconductor as documented in the official security bulletin at https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-57835/. End users should install over-the-air (OTA) system updates from their device manufacturer (Samsung Mobile, wearable OEMs) that incorporate patched Exynos firmware. Device manufacturers integrating affected Exynos chipsets should contact Samsung Semiconductor directly for updated baseband firmware packages. Enterprise mobile device management (MDM) administrators should enforce mandatory security updates for affected Galaxy devices in corporate fleets. No workarounds are available as this is a baseband-level vulnerability requiring vendor firmware remediation. Monitor Samsung's security update portal at https://semiconductor.samsung.com/support/quality-support/product-security-updates/ for release timelines and detailed patch distribution schedules per chipset model. Network operators may implement supplementary protections by validating RRC signaling message formats at base station level, though this is not a substitute for device-level patching.
More in Exynos 990 Firmware
View allIn RRC in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 13
Samsung Exynos processors (multiple models including 980, 990, 2100, 2200, 2400) and modems have an out-of-bounds write
Double-free vulnerability in Samsung's Exynos mobile processors (models 980, 990, 1080, 2100, 1280, 2200, 1380, 1480, an
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 108
An issue was discovered in the m2m scaler driver in Samsung Mobile Processor and Wearable Processor Exynos 9820, 9825, 9
A vulnerability was discovered in Samsung Mobile Processor, Wearable Processor, and Modems with versions Exynos 9820, Ex
Use-After-Free (UAF) vulnerability in Samsung's Exynos mobile processors (980, 990, 1080, 2100, 1280, 2200, 1380) that e
An issue was discovered in NRMM in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990,
An issue was discovered in NRMM in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990,
An issue was discovered in L2 in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 240
An issue was discovered in Samsung Mobile Processor, Wearable Processor and Modem Exynos 980, 990, 850, 1080, 9110, W920
Denial of service in Samsung Exynos USIM firmware across mobile, wearable, and modem processors allows unauthenticated r
Same weakness CWE-20 – Improper Input Validation
View allSame technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2025-209237
GHSA-r58x-6wq2-782p