Samsung Galaxy S25 Users at Risk
Galaxy S25 and S25 Edge users face security risk. Samsung’s latest patch fixes CVE-2025-21043. Ensure Android and apps are up-to-date immediately.

Samsung has issued a warning to Galaxy phone users regarding a critical vulnerability affecting models including the Galaxy S25 and Galaxy S25 Edge. The issue, tracked as CVE-2025-21043, affects devices running Android 13 and newer and has already been exploited in active attacks, according to the manufacturer.
The flaw, reported by WhatsApp, is in a closed-source image parsing library developed by Quramsoft. An attacker who sends a maliciously crafted image to a target device can trigger an out-of-bounds write in the library. When the image is processed, this can lead to code execution, granting attackers control over the phone without any interaction from the user.
Security experts classify this as a zero-click vulnerability, meaning the target does not need to tap or download anything to be compromised. Such attacks are typically highly sophisticated, often carried out by nation-state actors targeting journalists, politicians, diplomats, and defense personnel.
The Galaxy security update released in September addresses this vulnerability. Samsung urges all device owners to install the latest security patch immediately. However, updates are released in stages depending on the phone model, country, and carrier, so some users may experience delays in receiving the patch.
Similar vulnerabilities were patched on iPhones last month. WhatsApp had resolved an issue involving incomplete authorization of linked device synchronization messages, which could have allowed attackers to execute content from arbitrary URLs on a target’s device. Experts say that, while such attacks are rare, they demonstrate the need for timely software updates across all mobile devices.
For Samsung users, the best defense is ensuring both the operating system and all installed applications are current. Devices without up-to-date patches are more likely to be targeted, regardless of the user’s profile. Even non-public figures are advised to install updates as soon as they become available.