OOB write in Fingerprint Trustlet (SMR Nov2025) local privileged
CVE-2025-21071 Published on November 5, 2025

Out-of-bounds write in handling opcode in fingerprint trustlet prior to SMR Nov-2025 Release 1 allows local privileged attackers to write out-of-bounds memory.

NVD

Vulnerability Analysis

CVE-2025-21071 can be exploited with local system access, and requires user privileges. This vulnerability is consided to have a high level of attack complexity. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality and integrity, and no impact on availability.

Attack Vector:

LOCAL

Attack Complexity:

HIGH

Privileges Required:

HIGH

User Interaction:

NONE

Scope:

UNCHANGED

Confidentiality Impact:

HIGH

Integrity Impact:

HIGH

Availability Impact:

NONE

Products Associated with CVE-2025-21071

Want to know whenever a new CVE is published for Samsung Mobile Devices? stack.watch will email you.

Samsung Mobile Devices

Affected Versions

Samsung Mobile Devices Version SMR Nov-2025 Release in Android 13, 14, 15, 16 is unaffected by CVE-2025-21071

Exploit Probability

EPSS

0.02%

Percentile

3.96%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

OOB write in Fingerprint Trustlet (SMR Nov2025) local privilegedCVE-2025-21071 Published on November 5, 2025

Vulnerability Analysis

Products Associated with CVE-2025-21071

Affected Versions

Exploit Probability

OOB write in Fingerprint Trustlet (SMR Nov2025) local privileged
CVE-2025-21071 Published on November 5, 2025