CVE-2025-52909
CRITICAL EPSS 38.9%
Published Apr 7, 20262mo ago · Modified Jun 17, 20262w ago
9.8 CVSS 3.1
Published Apr 7, 2026 2mo ago
Last Modified Jun 17, 2026 2w ago
Description
An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1280, 1330, 1380, 1480, 1580, W920, W930, and W1000. Incorrect Handling of the NL80211 vendor command leads to a buffer overflow via a certain ioctl message, issue 2 of 2.
CVSS Details
Base Score
Exploitability
Impact
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Attack Vector Network
Attack Complexity Low
Privileges Required None
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High
Threat Intelligence
EPSS Exploit Probability
38.9% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available
Weaknesses 1
CWE-120
Affected Products 20
| Vendor | Product | Version | Range |
|---|---|---|---|
| samsung | exynos_w1000_firmware | * | any |
| samsung | exynos_w1000 | * | any |
| samsung | exynos_w920_firmware | * | any |
| samsung | exynos_w920 | * | any |
| samsung | exynos_w930_firmware | * | any |
| samsung | exynos_w930 | * | any |
| samsung | exynos_980_firmware | * | any |
| samsung | exynos_980 | * | any |
| samsung | exynos_850_firmware | * | any |
| samsung | exynos_850 | * | any |
| samsung | exynos_1580_firmware | * | any |
| samsung | exynos_1580 | * | any |
| samsung | exynos_1480_firmware | * | any |
| samsung | exynos_1480 | * | any |
| samsung | exynos_1380_firmware | * | any |
| samsung | exynos_1380 | * | any |
| samsung | exynos_1330_firmware | * | any |
| samsung | exynos_1330 | * | any |
| samsung | exynos_1280_firmware | * | any |
| samsung | exynos_1280 | * | any |
References 2
- semiconductor.samsung.com https://semiconductor.samsung.com/support/quality-support/product-security-updates/
- semiconductor.samsung.com https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-52909/
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.