Samsung Patches Zero-Day Exploited Against Android Users

Reported by Meta and WhatsApp, the vulnerability leads to remote code execution and was likely exploited by a spyware vendor.

Samsung’s September 2025 security updates for Android devices include a patch for a vulnerability that has been exploited in the wild.

The exploited bug, tracked as CVE-2025-21043 (CVSS score of 8.8), is described as an out-of-bounds write issue in the libimagecodec.quram.so image parsing library, which is used by applications that process images on Samsung devices.

According to Samsung, successful exploitation of the security defect allows remote attackers to execute arbitrary code on vulnerable devices.

“Samsung was notified that an exploit for this issue has existed in the wild,” the mobile phone maker notes in its advisory.

The company has not shared details on the flaw, nor on the observed exploitation, but credited the Meta and WhatsApp security teams for reporting it on August 13.

The timing ...