Multiple vulnerabilities in Samsung Exynos chipset firmware allow for remote code execution, privilege escalation, and information disclosure. The most severe is CVE-2025-62814 with a CVSS score of 7.5 (High), affecting Exynos 1280, 1380, 1480, 2200, and 2400 firmware. Samsung has released fixes for these CVEs; administrators must apply the vendor-provided patches from the linked security update pages.
Multiple vulnerabilities were identified in Samsung Products. A remote attacker could exploit some of these vulnerabilities to trigger sensitive information disclosure, security restriction bypass, elevation of privilege and remote code execution on the targeted system. Impact Elevation of Privilege Remote Code Execution Elevation of Privilege Security Restriction Bypass Information Disclosure Denial of Service System / Technologies affected Android Watch 14, 16 Samsung mobile devices running Android 14, 15, 16 Exynos 1280, 1380, 1480, 1580, 2200, 2400, 2500 For affected products, please refer to the link below: https://security.samsungmobile.com/securityUpdate.smsb https://semiconductor.samsung.com/support/quality-support/product-security-updates/ Solutions Before installation of the software, please visit the vendor website for more details. Apply fixes issued by the vendor: https://security.samsungmobile.com/securityUpdate.smsb https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-62814/ https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-62815/ https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-62816/ https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-62817/ https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-66363/