CVE-2025-54328
CVE-2025-54328
Vexday Risk Score
48Attention
SSVC decision (CISA)
Attend
PoC available → attend closely
CVSS 10EPSS 0.5%KEV nãoPoC públicaNuclei —Metasploit —Patch —
Lifecycle
06 Apr 2026Published on NVD
10 Apr 2026Public PoC
Recommendation: Plan a near-term fix — a public PoC already exists.
An issue was discovered in SMS in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. A Stack-based Buffer Overflow occurs while parsing SMS RP-DATA messages.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Affected products
n/a · n/apublic PoCs found — 1
githubgithub.com/Hunt-Benito/samsung-exynos-sms-stack-overflow-cve-2025-54328-critical-zero-click-baseband-rce★ 1⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.