CVE-2025-20931

High

Published: 06 March 2025

Published

06 March 2025

Modified

16 July 2025

KEV Added

—

Patch

—

CVSS Score 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L

EPSS Score 0.0009 25.8th percentile

Risk Priority 15 60% EPSS · 20% KEV · 20% CVSS

Description

Adversaries may exploit software vulnerabilities in client applications to execute code.

Security Summary

CVE-2025-20931 is an out-of-bounds write vulnerability (CWE-787) in the BMP image parsing functionality of the Samsung Notes application, affecting versions prior to 4.4.26.71. Published on 2025-03-06, it carries a CVSS v3.1 base score of 7.3 (AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L), indicating high integrity impact with low confidentiality and availability effects.

Local attackers can exploit this vulnerability by supplying a maliciously crafted BMP image to Samsung Notes. With low attack complexity, no privileges or user interaction required, exploitation enables arbitrary code execution on the local system.

Samsung's security advisory for March 2025, available at https://security.samsungmobile.com/serviceWeb.smsb?year=2025&month=03, addresses the vulnerability and mitigation through updates to Samsung Notes version 4.4.26.71 or later.

Details

CWE(s): CWE-787

Affected Products

samsung

notes

≤ 4.4.26.71

MITRE ATT&CK Enterprise Techniques

T1203 Exploitation for Client Execution Execution

Adversaries may exploit software vulnerabilities in client applications to execute code.

attack.mitre.org →

Why these techniques?

Out-of-bounds write in client app (Samsung Notes) BMP parser enables arbitrary code execution on local system with no user interaction required.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

References

https://security.samsungmobile.com/serviceWeb.smsb?year=2025&month=03
Vendor Advisory · mobile.security@samsung.com