CVE-2025-27891CRITICAL 9.1EPSS p31.5%

CVE-2025-27891CVE-2025-27891

Description

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. The lack of a length check leads to out-of-bounds reads via malformed NAS packets.

Scoring

CVSS 3.19.1 (CRITICAL)
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
EPSS0.40% probability of exploitation · percentile 31.5% · 2026-06-19T12:03:05Z
Published2025-05-14
Last modified2025-07-01

Underlying weaknesses· 1

CWE-125

References

  1. https://semiconductor.samsung.com/support/quality-support/product-security-updates/
  2. https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-27891/

1

TypeTargetConfidenceTier
WeaknessOut-of-bounds Readcwe-1250%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-27807
CVE
CVE-2025-47202
CVE
CVE-2025-58349
CVE
CVE-2025-52909
CVE
CVE-2025-62818
CVE
CVE-2025-54328
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.