{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2025-52909", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2026-04-07T14:37:50.132Z", "dateReserved": "2025-06-21T00:00:00.000Z", "datePublished": "2026-04-07T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-04-07T14:37:50.132Z"}, "descriptions": [{"lang": "en", "value": "An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1280, 1330, 1380, 1480, 1580, W920, W930, and W1000. Incorrect Handling of the NL80211 vendor command leads to a buffer overflow via a certain ioctl message, issue 2 of 2."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/"}, {"url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-52909/"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}}, "dataVersion": "5.2"}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1280, 1330, 1380, 1480, 1580, W920, W930, and W1000. Incorrect Handling of the NL80211 vendor command leads to a buffer overflow via a certain ioctl message, issue 2 of 2."}], "id": "CVE-2025-52909", "lastModified": "2026-04-08T21:27:15.610", "metrics": {}, "published": "2026-04-07T15:17:32.490", "references": [{"source": "cve@mitre.org", "url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/"}, {"source": "cve@mitre.org", "url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-52909/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Awaiting Analysis"}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": null}], "enrichment": {"confidence": 85.0, "confidence_source": "inferred", "scores": [{"score": 85.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "n/a", "source": "cna", "vendor": "n/a"}, "product": "exynos", "vendor": "samsung"}], "analysis": {"en": {"generated_at": "2026-04-07T20:15:37.692444+00:00", "value": {"mitigation_remediation": ["Apply the latest firmware or driver patch released by Samsung for the affected Exynos devices.", "If a patch is not yet available, disable the Wi\u2011Fi interface or block NL80211 vendor command traffic to prevent the overflow."], "summary": {"action": "Immediate Patch", "impact": "Local Privilege Escalation"}, "threat_synthesis": {"affected_systems": "The issue affects Samsung Mobile Processor and Wearable Processor families, including the Exynos 980, 850, 1280, 1330, 1380, 1480, 1580, W920, W930, and W1000 chips. Any device that incorporates these processors and uses the vulnerable Wi\u2011Fi driver version is susceptible to the attack.", "description_and_impact": "A buffer overflow in the Wi\u2011Fi driver on Samsung Exynos processors allows an attacker to corrupt kernel memory by sending a malformed NL80211 vendor command through an ioctl interface. The flaw occurs when the driver incorrectly handles the command data, causing a buffer to overflow and overwrite critical control data. If successfully exploited, this can lead to arbitrary kernel code execution, granting the attacker local privilege escalation. The vulnerability corresponds to a classic buffer overflow weakness (CWE\u2011120).", "risk_and_exploitability": "No EPSS score or KEV listing is available, but the kernel\u2011level nature of the flaw suggests a high impact if exploited. Based on the description, it is inferred that exploitation requires sending a crafted ioctl message, implying local or privileged access. While the attack vector might be local, if the wireless subsystem accepts external NL80211 vendor commands from a network interface, remote exploitation could be possible; however, this is not explicitly documented. Given the lack of public exploit evidence, the likelihood remains uncertain, yet the potential damage per impacted device is system\u2011wide."}}}}, "created": "2026-04-08T19:38:39.818912+00:00", "title": "Buffer Overflow in Samsung Exynos Wi\u2011Fi Driver via NL80211 Vendor Command", "updated": "2026-04-08T19:50:30.389415+00:00", "vendors": ["samsung", "samsung$PRODUCT$exynos"], "weaknesses": ["CWE-120"]}