Zero Day MonitorZDM

← Back to list

9.8

CVE-2025-52909

samsung · exynos_1280_firmware

CVE-2025-52909: An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1280, 13

Description

An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1280, 1330, 1380, 1480, 1580, W920, W930, and W1000. Incorrect Handling of the NL80211 vendor command leads to a buffer overflow via a certain ioctl message, issue 2 of 2.

Affected Products

Vendor	Product	Versions
samsung	exynos_1280_firmware	n/a

Also Affects

Downstream vendors/products affected by this vulnerability

Vendor	Product	Source	Confidence
samsung	exynos_1380_firmware	cve_cpe	95%
samsung	exynos_1380	cve_cpe	95%
samsung	exynos_1330_firmware	cve_cpe	95%
samsung	exynos_1480_firmware	cve_cpe	95%
samsung	exynos_1580_firmware	cve_cpe	95%

References

https://semiconductor.samsung.com/support/quality-support/product-security-updates/
https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-52909/

Related News (1 articles)

Tier C

VulDB7d ago

CVE-2025-52909 | Samsung Samsung Mobile Processor/Wearable Processor Exynos Wi-Fi Driver buffer overflow

→ No new info (linked only)

CVSS 3.19.8 CRITICAL

VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA KEV❌ No

Actively exploited❌ No

PublishedApr 7, 2026

Last enriched1d agov2

Trending Score18

Source articles1

Independent1

Info Completeness6/14

Missing: cvss, epss, cwe, kev, exploit, patch, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

HIGHCVE-2026-25208EXP

CVE-2026-25208: Integer overflow vulnerability in Samsung Open Source Escargot allows Overflow Buffers.This issue affects Escargot: 97e8

MEDIUMCVE-2026-25209EXP

CVE-2026-25209: Out-of-bounds read vulnerability in Samsung Open Source Escargot allows Resource Leak Exposure.This issue affects Escarg

CRITICALCVE-2025-62818EXP

CVE-2025-62818: An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 128

CRITICALCVE-2025-54602EXP

CVE-2025-54602: An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 12

Multiple vulnerabilities in Samsung mobile devices prior to SMR-APR-2026 Release 1

Pin to Dashboard

Verification

State: unverified

Confidence: 0%

Vulnerability Timeline

CVE Published

Apr 7, 2026

Discovered by ZDM

Apr 7, 2026

Updated: severity, affectedVersions

Apr 7, 2026

Version History

v2

Last enriched 1d ago

v2Tier C7d ago

Updated severity to CRITICAL and clarified that no exploit is available.

severityaffectedVersions

via VulDB

v17d ago

Initial creation