← back
CVE-2025-27807

CVE-2025-27807

CVSS 9.1 CRITICALEPSS 0.3%CWE-787
Vexday Risk Score
28Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 9.1EPSS 0.3%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
05 Jan 2026Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 9110, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. The lack of a length check leads to out-of-bounds writes via malformed NAS packets.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Affected products
n/a · n/a