CVE-2025-27807CRITICAL 9.1EPSS p22.9%

CVE-2025-27807CVE-2025-27807

Description

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 9110, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. The lack of a length check leads to out-of-bounds writes via malformed NAS packets.

Scoring

CVSS 3.19.1 (CRITICAL)
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
EPSS0.31% probability of exploitation · percentile 22.9% · 2026-06-18T12:00:27Z
Published2026-01-05
Last modified2026-01-09

Underlying weaknesses· 1

CWE-787

References

  1. https://semiconductor.samsung.com/support/quality-support/product-security-updates/
  2. https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-27807/

1

TypeTargetConfidenceTier
WeaknessOut-of-bounds Writecwe-7870%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-27891
CVE
CVE-2025-47202
CVE
CVE-2025-62818
CVE
CVE-2025-23107
CVE
CVE-2025-52909
CVE
CVE-2025-23097
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.