CVE-2021-25415
CVE-2021-25415
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 0.1%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
11 Jun 2021Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Assuming EL1 is compromised, an improper address validation in RKP prior to SMR JUN-2021 Release 1 allows local attackers to remap EL2 memory as writable.
Affected products
Samsung Mobile · Samsung Mobile DevicesWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →