{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2025-62818", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2026-04-07T14:48:46.537Z", "dateReserved": "2025-10-23T00:00:00.000Z", "datePublished": "2026-04-07T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-04-07T14:48:46.537Z"}, "descriptions": [{"lang": "en", "value": "An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. An out-of-bounds write occurs due to a mismatch between the TP-UDHI and UDL values when processing an SMS TP-UD packet."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/"}, {"url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-62818/"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}}, "dataVersion": "5.2"}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. An out-of-bounds write occurs due to a mismatch between the TP-UDHI and UDL values when processing an SMS TP-UD packet."}], "id": "CVE-2025-62818", "lastModified": "2026-04-08T21:27:15.610", "metrics": {}, "published": "2026-04-07T15:17:34.060", "references": [{"source": "cve@mitre.org", "url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/"}, {"source": "cve@mitre.org", "url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-62818/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Awaiting Analysis"}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,*]"}}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "n/a", "source": "cna", "vendor": "n/a"}, "product": "exynos", "vendor": "samsung"}], "analysis": {"en": {"generated_at": "2026-04-07T19:43:46.542431+00:00", "value": {"mitigation_remediation": ["Apply the latest Samsung firmware update to affected processor and modem models", "Verify that the update has been successfully installed", "Consider disabling or restricting SMS functionality if the device does not require it"], "summary": {"action": "Immediate patch", "impact": "Arbitrary code execution"}, "threat_synthesis": {"affected_systems": "Samsung Mobile Processor, Wearable Processor, and Modem lines are affected, including models Exynos\u00a0980,\u00a0990,\u00a0850,\u00a01080,\u00a02100,\u00a01280,\u00a02200,\u00a01330,\u00a01380,\u00a01480,\u00a02400,\u00a01580,\u00a02500,\u00a09110,\u00a0W920,\u00a0W930,\u00a0W1000, Modem\u00a05123,\u00a0Modem\u00a05300, and Modem\u00a05400.", "description_and_impact": "An out\u2011of\u2011bounds write occurs when the TP-UDHI and UDL values do not match during SMS TP-UD packet processing. The flaw can corrupt memory and may enable an attacker to execute arbitrary code, jeopardizing device confidentiality, integrity, and availability.", "risk_and_exploitability": "The CVE description does not provide a CVSS score or EPSS value, and it is not listed in the CISA KEV catalog. The vulnerability is likely exploitable remotely via forged SMS messages targeting devices that use the affected processor or modem models. Because the flaw permits memory corruption, severity could be high if an attacker succeeds, though the lack of publicly reported exploits leaves uncertainty about current exploitation risk."}}}}, "created": "2026-04-08T19:38:38.776842+00:00", "title": "Out\u2011of\u2011Bounds Write in Samsung Exynos Processors During SMS Packet Processing", "updated": "2026-04-08T19:50:29.237413+00:00", "vendors": ["samsung", "samsung$PRODUCT$exynos"], "weaknesses": ["CWE-787"]}