
CISA adds Samsung mobile device vulnerability CVE-2025-21042 to KEV catalog

CISA has added a security flaw affecting Samsung mobile devices to its Known Exploited Vulnerabilities (KEV) Catalog. The flaw is an out-of-bounds write, a memory-corruption bug class in which software writes past the end of a buffer it allocated; depending on what lies in the adjacent memory, that can corrupt data or hand an attacker control of the device.

The vulnerability is tracked as CVE-2025-21042 and affects Samsung mobile device software. CISA adds an entry to the KEV Catalog only when it has evidence that the flaw is being exploited in the wild, so inclusion means this bug is in active use by attackers, not merely that it is exploitable in theory.

Because an out-of-bounds write corrupts whatever sits next to the overrun buffer, the outcome of a successful exploit ranges from a crash (loss of availability) to execution of attacker-controlled code on the affected device, which puts the integrity of data on the device and of any network it connects to at risk.

Remediation is to apply the vendor's fix, or otherwise follow the required action CISA lists for the entry, by the due date recorded in the catalog. Under Binding Operational Directive (BOD) 22-01, Federal Civilian Executive Branch (FCEB) agencies must remediate catalogued vulnerabilities by that due date in order to reduce the risk from known exploited vulnerabilities on government networks.

CISA advises all organizations, not only federal agencies bound by the directive, to prioritize remediation of KEV-listed vulnerabilities in their vulnerability management programs. The agency continues to add entries as vulnerabilities meet its criteria for known exploitation.
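One way to act on that advice is to cross-reference scanner findings against the KEV feed and rank them by the catalog due date. The script below is an added example for this page, not CISA's code or a Samsung tool. It runs offline on a constructed excerpt shaped like the KEV JSON feed (field names match the feed; the dates, description text and the placeholder CVE ID in the scanner output are made up for the example, not CISA's real catalog entry), and the scanner output lines are constructed as well.

```python
"""Triage scanner findings against a CISA KEV feed excerpt (added example, not CISA's code)."""
from __future__ import annotations

import json
from datetime import date

# Constructed excerpt shaped like the KEV feed at
# https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json
# Field names match the real feed; dates and text are placeholders, not CISA's entry.
KEV_FEED_JSON = json.dumps({
    "title": "CISA Catalog of Known Exploited Vulnerabilities",
    "catalogVersion": "example",
    "dateReleased": "2025-01-15T12:00:00.0000Z",
    "count": 1,
    "vulnerabilities": [
        {
            "cveID": "CVE-2025-21042",
            "vendorProject": "Samsung",
            "product": "Mobile Devices",
            "vulnerabilityName": "Samsung Mobile Devices Out-of-Bounds Write Vulnerability",
            "dateAdded": "2025-01-15",  # placeholder date
            "shortDescription": "Out-of-bounds write in Samsung mobile device software.",
            "requiredAction": "Apply mitigations per vendor instructions.",
            "dueDate": "2025-02-05",  # placeholder date; the real feed carries CISA's deadline
            "knownRansomwareCampaignUse": "Unknown",
            "notes": "",
        },
    ],
})

# Constructed scanner output (hypothetical host names; CVE-0000-00000 is a
# deliberately invalid placeholder standing in for a finding that is not in KEV).
SCANNER_OUTPUT = """\
host=mdm-phone-017 cve=CVE-2025-21042
host=mdm-phone-042 cve=CVE-2025-21042
host=mdm-phone-042 cve=CVE-0000-00000
host=mdm-phone-017 cve=CVE-2025-21042
"""


def load_kev(feed_json: str) -> dict[str, dict]:
    """Index a KEV feed by upper-cased CVE ID, validating the dueDate field early."""
    catalog: dict[str, dict] = {}
    for entry in json.loads(feed_json)["vulnerabilities"]:
        date.fromisoformat(entry["dueDate"])  # raises on a malformed feed entry
        catalog[entry["cveID"].upper()] = entry
    return catalog


def parse_findings(text: str) -> list[tuple[str, str]]:
    """Parse 'key=value' scanner lines into (host, cve) pairs; blank lines are skipped."""
    findings = []
    for line in text.splitlines():
        if not line.strip():
            continue
        fields = dict(kv.split("=", 1) for kv in line.split())
        findings.append((fields["host"], fields["cve"].upper()))
    return findings


def triage(findings: list[tuple[str, str]], catalog: dict[str, dict],
           today: date, due_soon_days: int = 7) -> list[dict]:
    """Return one record per distinct (host, cve), most urgent first.

    status is 'overdue' (past the KEV due date), 'due_soon' (within
    due_soon_days), 'open' (in KEV, deadline further out) or 'not_in_kev'.
    """
    records = []
    for host, cve in sorted(set(findings)):  # set() drops duplicate scanner lines
        entry = catalog.get(cve)
        if entry is None:
            records.append({"host": host, "cve": cve, "status": "not_in_kev",
                            "days_left": None, "required_action": None})
            continue
        days_left = (date.fromisoformat(entry["dueDate"]) - today).days
        if days_left < 0:
            status = "overdue"
        elif days_left <= due_soon_days:
            status = "due_soon"
        else:
            status = "open"
        records.append({"host": host, "cve": cve, "status": status,
                        "days_left": days_left,
                        "required_action": entry["requiredAction"]})
    order = {"overdue": 0, "due_soon": 1, "open": 2, "not_in_kev": 3}
    records.sort(key=lambda r: (order[r["status"]], r["host"]))
    return records


if __name__ == "__main__":
    kev = load_kev(KEV_FEED_JSON)
    for rec in triage(parse_findings(SCANNER_OUTPUT), kev, today=date(2025, 2, 1)):
        print(f"{rec['status']:<11} {rec['host']:<15} {rec['cve']}  "
              f"days_left={rec['days_left']}  action={rec['required_action']}")
```

In production the feed would be fetched from the URL in the comment rather than embedded, and `today` would come from `date.today()`; the example fixes the date so the result is reproducible. Findings that are not in KEV are still reported, at the bottom, because absence from the catalog does not mean a flaw is safe to ignore.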